[
{
"date": "09/22/2017 01:30:01",
"source": "cowrie 159.203.x.x",
"name": "8b888fed64e739970a4d76d16280e54528e82738dd2186c9d63ffbcab34965e4",
"hash": "8b888fed64e739970a4d76d16280e54528e82738dd2186c9d63ffbcab34965e4",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.13C872CE",
"virustotal": "https://www.virustotal.com/file/8b888fed64e739970a4d76d16280e54528e82738dd2186c9d63ffbcab34965e4/analysis/1505977249/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8b888fed64e739970a4d76d16280e54528e82738dd2186c9d63ffbcab34965e4"
},
{
"date": "09/22/2017 01:00:01",
"source": "cowrie 159.203.x.x",
"name": "90ad1f172af7d0915e548bd84443ab3cc3b3df97b3fbf8c06ecc8b42604fbb5f",
"hash": "90ad1f172af7d0915e548bd84443ab3cc3b3df97b3fbf8c06ecc8b42604fbb5f",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/90ad1f172af7d0915e548bd84443ab3cc3b3df97b3fbf8c06ecc8b42604fbb5f/analysis/1505996140/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/90ad1f172af7d0915e548bd84443ab3cc3b3df97b3fbf8c06ecc8b42604fbb5f"
},
{
"date": "09/22/2017 00:05:01",
"source": "cowrie 159.203.x.x",
"name": "a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8",
"hash": "a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3C559961",
"virustotal": "https://www.virustotal.com/file/a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8/analysis/1505517322/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8"
},
{
"date": "09/21/2017 23:40:01",
"source": "cowrie 159.203.x.x",
"name": "20170921233936_197fe1083ef4_0_http___45_77_91_225_bins_sh",
"hash": "a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3C559961",
"virustotal": "https://www.virustotal.com/file/a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8/analysis/1505517322/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170921233936_197fe1083ef4_0_http___45_77_91_225_bins_sh"
},
{
"date": "09/21/2017 20:10:01",
"source": "cowrie 159.203.x.x",
"name": "d56167e40d00817f843fc881d41d1b29f466fea831aadb040a56023ee21f62fb",
"hash": "d56167e40d00817f843fc881d41d1b29f466fea831aadb040a56023ee21f62fb",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.3EBF0C73",
"virustotal": "https://www.virustotal.com/file/d56167e40d00817f843fc881d41d1b29f466fea831aadb040a56023ee21f62fb/analysis/1505981044/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d56167e40d00817f843fc881d41d1b29f466fea831aadb040a56023ee21f62fb"
},
{
"date": "09/21/2017 20:05:01",
"source": "cowrie 159.203.x.x",
"name": "d499325faae3ad57df7b9b28383b5469ff2c1aceba8ed3fffab0489b50baace0",
"hash": "d499325faae3ad57df7b9b28383b5469ff2c1aceba8ed3fffab0489b50baace0",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.97EE867A",
"virustotal": "https://www.virustotal.com/file/d499325faae3ad57df7b9b28383b5469ff2c1aceba8ed3fffab0489b50baace0/analysis/1505980301/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d499325faae3ad57df7b9b28383b5469ff2c1aceba8ed3fffab0489b50baace0"
},
{
"date": "09/21/2017 18:40:01",
"source": "deonaea 159.203.x.x",
"name": "smb-jh34eqdo.tmp",
"hash": "bdd816b9d85947b9bd7f2462d6b177dd6dadfe83723fd4dde4eded130177b218",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Worm.Generic.230976",
"virustotal": "https://www.virustotal.com/file/bdd816b9d85947b9bd7f2462d6b177dd6dadfe83723fd4dde4eded130177b218/analysis/1506004750/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-jh34eqdo.tmp"
},
{
"date": "09/21/2017 18:00:01",
"source": "cowrie 159.203.x.x",
"name": "45ad067f28053c28c6056bc7de94eea7c0c2ba36d3f69d425059d0fe982fc646",
"hash": "45ad067f28053c28c6056bc7de94eea7c0c2ba36d3f69d425059d0fe982fc646",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.0231D3C4",
"virustotal": "https://www.virustotal.com/file/45ad067f28053c28c6056bc7de94eea7c0c2ba36d3f69d425059d0fe982fc646/analysis/1505323547/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/45ad067f28053c28c6056bc7de94eea7c0c2ba36d3f69d425059d0fe982fc646"
},
{
"date": "09/21/2017 16:30:01",
"source": "cowrie 159.203.x.x",
"name": "fc4746161870f00cb751a1dbb86e27d5cc8559a4932712c8cc82901302080e7e",
"hash": "fc4746161870f00cb751a1dbb86e27d5cc8559a4932712c8cc82901302080e7e",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.869149E1",
"virustotal": "https://www.virustotal.com/file/fc4746161870f00cb751a1dbb86e27d5cc8559a4932712c8cc82901302080e7e/analysis/1505981433/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fc4746161870f00cb751a1dbb86e27d5cc8559a4932712c8cc82901302080e7e"
},
{
"date": "09/21/2017 15:00:01",
"source": "cowrie 159.203.x.x",
"name": "10d518c5508e5728572d1d9dd3ae6b5858733b33bcad74b4b95fa32a72d87344",
"hash": "10d518c5508e5728572d1d9dd3ae6b5858733b33bcad74b4b95fa32a72d87344",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.85657770",
"virustotal": "https://www.virustotal.com/file/10d518c5508e5728572d1d9dd3ae6b5858733b33bcad74b4b95fa32a72d87344/analysis/1506002340/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/10d518c5508e5728572d1d9dd3ae6b5858733b33bcad74b4b95fa32a72d87344"
},
{
"date": "09/21/2017 11:30:01",
"source": "cowrie 159.203.x.x",
"name": "20170921112943_c1247b0c2442_0_http___45_77_91_225_bins_sh",
"hash": "a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3C559961",
"virustotal": "https://www.virustotal.com/file/a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8/analysis/1505517322/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170921112943_c1247b0c2442_0_http___45_77_91_225_bins_sh"
},
{
"date": "09/21/2017 08:55:01",
"source": "cowrie 159.203.x.x",
"name": "c11330bfe35c852bc55b8dd11718905a015bd06d2fda23e85fe6b0c64f26f4a4",
"hash": "c11330bfe35c852bc55b8dd11718905a015bd06d2fda23e85fe6b0c64f26f4a4",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.518BB08C",
"virustotal": "https://www.virustotal.com/file/c11330bfe35c852bc55b8dd11718905a015bd06d2fda23e85fe6b0c64f26f4a4/analysis/1505984447/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c11330bfe35c852bc55b8dd11718905a015bd06d2fda23e85fe6b0c64f26f4a4"
},
{
"date": "09/21/2017 08:55:01",
"source": "cowrie 159.203.x.x",
"name": "1192ee951dbddc91f0e430bd530f1e03ed0482f6d27642e12dde1905f9b9b9fb",
"hash": "1192ee951dbddc91f0e430bd530f1e03ed0482f6d27642e12dde1905f9b9b9fb",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.5B8C2368",
"virustotal": "https://www.virustotal.com/file/1192ee951dbddc91f0e430bd530f1e03ed0482f6d27642e12dde1905f9b9b9fb/analysis/1505984488/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1192ee951dbddc91f0e430bd530f1e03ed0482f6d27642e12dde1905f9b9b9fb"
},
{
"date": "09/21/2017 08:30:01",
"source": "cowrie 159.203.x.x",
"name": "297ef5fe627fdd1e0e0a2c447e5496e9ff131f29c0dc35b1499380c5e71cd578",
"hash": "297ef5fe627fdd1e0e0a2c447e5496e9ff131f29c0dc35b1499380c5e71cd578",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.75E1CBFD",
"virustotal": "https://www.virustotal.com/file/297ef5fe627fdd1e0e0a2c447e5496e9ff131f29c0dc35b1499380c5e71cd578/analysis/1505954740/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/297ef5fe627fdd1e0e0a2c447e5496e9ff131f29c0dc35b1499380c5e71cd578"
},
{
"date": "09/21/2017 06:45:01",
"source": "cowrie 159.203.x.x",
"name": "90c2861e7747e18f210959225e9ed035103c661681326d3af679134bca007db5",
"hash": "90c2861e7747e18f210959225e9ed035103c661681326d3af679134bca007db5",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.851C7DF7",
"virustotal": "https://www.virustotal.com/file/90c2861e7747e18f210959225e9ed035103c661681326d3af679134bca007db5/analysis/1505976314/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/90c2861e7747e18f210959225e9ed035103c661681326d3af679134bca007db5"
},
{
"date": "09/21/2017 06:00:01",
"source": "cowrie 159.203.x.x",
"name": "3371564a27ffb3434b3175b7d6fcf21e890d40b80eeb1c3bf481a0d11415e4fa",
"hash": "3371564a27ffb3434b3175b7d6fcf21e890d40b80eeb1c3bf481a0d11415e4fa",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.724A3362",
"virustotal": "https://www.virustotal.com/file/3371564a27ffb3434b3175b7d6fcf21e890d40b80eeb1c3bf481a0d11415e4fa/analysis/1505970047/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3371564a27ffb3434b3175b7d6fcf21e890d40b80eeb1c3bf481a0d11415e4fa"
},
{
"date": "09/21/2017 04:50:01",
"source": "cowrie 159.203.x.x",
"name": "2697beb2d8cacc150d18edaf98556d0f68b23fe444888390b32f72402bfdbae7",
"hash": "2697beb2d8cacc150d18edaf98556d0f68b23fe444888390b32f72402bfdbae7",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.AA9A4076",
"virustotal": "https://www.virustotal.com/file/2697beb2d8cacc150d18edaf98556d0f68b23fe444888390b32f72402bfdbae7/analysis/1505969115/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2697beb2d8cacc150d18edaf98556d0f68b23fe444888390b32f72402bfdbae7"
},
{
"date": "09/21/2017 01:05:01",
"source": "deonaea 192.241.x.x",
"name": "b29d0c4b7d80ec22641c71bf997d1eeb",
"hash": "f6c12284b05891ac4b205918b365516d0666ed2394e2b23ea079d59751ddbae1",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.313952",
"virustotal": "https://www.virustotal.com/file/f6c12284b05891ac4b205918b365516d0666ed2394e2b23ea079d59751ddbae1/analysis/1505950587/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b29d0c4b7d80ec22641c71bf997d1eeb"
},
{
"date": "09/20/2017 23:45:01",
"source": "cowrie 159.203.x.x",
"name": "8e0feb43f2137013fbbe42258dcc118104f9237cf41bfa52d342211ac823fad2",
"hash": "8e0feb43f2137013fbbe42258dcc118104f9237cf41bfa52d342211ac823fad2",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/8e0feb43f2137013fbbe42258dcc118104f9237cf41bfa52d342211ac823fad2/analysis/1505909063/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8e0feb43f2137013fbbe42258dcc118104f9237cf41bfa52d342211ac823fad2"
},
{
"date": "09/20/2017 20:35:01",
"source": "cowrie 159.203.x.x",
"name": "96d57ce8f0a0a5cd6a9bb40929422880739ea49e3c8b4358603d158da86f5124",
"hash": "96d57ce8f0a0a5cd6a9bb40929422880739ea49e3c8b4358603d158da86f5124",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/96d57ce8f0a0a5cd6a9bb40929422880739ea49e3c8b4358603d158da86f5124/analysis/1505675044/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/96d57ce8f0a0a5cd6a9bb40929422880739ea49e3c8b4358603d158da86f5124"
},
{
"date": "09/20/2017 20:30:01",
"source": "cowrie 159.203.x.x",
"name": "5a0a3ea9c619a70e89da4a8602eae94519ca6d5d35e8566090432b472cacaa6b",
"hash": "5a0a3ea9c619a70e89da4a8602eae94519ca6d5d35e8566090432b472cacaa6b",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.17736341",
"virustotal": "https://www.virustotal.com/file/5a0a3ea9c619a70e89da4a8602eae94519ca6d5d35e8566090432b472cacaa6b/analysis/1505676639/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5a0a3ea9c619a70e89da4a8602eae94519ca6d5d35e8566090432b472cacaa6b"
},
{
"date": "09/20/2017 18:30:01",
"source": "deonaea 192.241.x.x",
"name": "ab27f6c7634e9efc13fb2db29216a0a8",
"hash": "c071278f921475bc6f252b10b771dda4948596ef6d81b689bd936a2a9058b5cc",
"type": "ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, stripped",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c071278f921475bc6f252b10b771dda4948596ef6d81b689bd936a2a9058b5cc/analysis/1505725785/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ab27f6c7634e9efc13fb2db29216a0a8"
},
{
"date": "09/20/2017 17:30:01",
"source": "deonaea 159.203.x.x",
"name": "1a89371ea1bfae68ce3242ce40d80bd3",
"hash": "63aa88704c956057cc93188a7d167951604934217332bed7a6902dc5201996a9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zegost.6",
"virustotal": "https://www.virustotal.com/file/63aa88704c956057cc93188a7d167951604934217332bed7a6902dc5201996a9/analysis/1505699089/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1a89371ea1bfae68ce3242ce40d80bd3"
},
{
"date": "09/20/2017 14:15:01",
"source": "cowrie 159.203.x.x",
"name": "828bd179de7ea17e72efdcc52d1aa7de799b79428cfc3eb23fe52eb3d3c46e83",
"hash": "828bd179de7ea17e72efdcc52d1aa7de799b79428cfc3eb23fe52eb3d3c46e83",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.E1B92387",
"virustotal": "https://www.virustotal.com/file/828bd179de7ea17e72efdcc52d1aa7de799b79428cfc3eb23fe52eb3d3c46e83/analysis/1505771190/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/828bd179de7ea17e72efdcc52d1aa7de799b79428cfc3eb23fe52eb3d3c46e83"
},
{
"date": "09/20/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "75062e5704b3c1050d906d78793d44e2b5fba4a7f5e4e4e56ac977de80a8ad1c",
"hash": "75062e5704b3c1050d906d78793d44e2b5fba4a7f5e4e4e56ac977de80a8ad1c",
"type": "ASCII text, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/75062e5704b3c1050d906d78793d44e2b5fba4a7f5e4e4e56ac977de80a8ad1c/analysis/1505903407/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/75062e5704b3c1050d906d78793d44e2b5fba4a7f5e4e4e56ac977de80a8ad1c"
},
{
"date": "09/20/2017 08:30:01",
"source": "cowrie 159.203.x.x",
"name": "1d1baf132cd5a9e8a0bf5790ef6237fd173280a93059325b53d1d358ee1b370b",
"hash": "1d1baf132cd5a9e8a0bf5790ef6237fd173280a93059325b53d1d358ee1b370b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.1FAFD1C8",
"virustotal": "https://www.virustotal.com/file/1d1baf132cd5a9e8a0bf5790ef6237fd173280a93059325b53d1d358ee1b370b/analysis/1505840644/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1d1baf132cd5a9e8a0bf5790ef6237fd173280a93059325b53d1d358ee1b370b"
},
{
"date": "09/20/2017 04:30:01",
"source": "cowrie 159.203.x.x",
"name": "f101d2270c3887faa98d63b8bf33d21e9b2e6b974f3bdca4493b8f52e36468db",
"hash": "f101d2270c3887faa98d63b8bf33d21e9b2e6b974f3bdca4493b8f52e36468db",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.ACE58AD6",
"virustotal": "https://www.virustotal.com/file/f101d2270c3887faa98d63b8bf33d21e9b2e6b974f3bdca4493b8f52e36468db/analysis/1505631847/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f101d2270c3887faa98d63b8bf33d21e9b2e6b974f3bdca4493b8f52e36468db"
},
{
"date": "09/20/2017 04:00:01",
"source": "cowrie 159.203.x.x",
"name": "c31de2c0a03d817890431780f51cfd6fe86e18838750c5006328fc77d8b59ca8",
"hash": "c31de2c0a03d817890431780f51cfd6fe86e18838750c5006328fc77d8b59ca8",
"type": "ASCII text",
"classification": "BV:Downloader-JV [Drp]",
"virustotal": "https://www.virustotal.com/file/c31de2c0a03d817890431780f51cfd6fe86e18838750c5006328fc77d8b59ca8/analysis/1505872807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c31de2c0a03d817890431780f51cfd6fe86e18838750c5006328fc77d8b59ca8"
},
{
"date": "09/20/2017 01:35:01",
"source": "cowrie 159.203.x.x",
"name": "cb92d3aadd2363213fcb37ca5412d931f4b0a6a2c1554ccd9a4edf9e42ee3e28",
"hash": "cb92d3aadd2363213fcb37ca5412d931f4b0a6a2c1554ccd9a4edf9e42ee3e28",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/cb92d3aadd2363213fcb37ca5412d931f4b0a6a2c1554ccd9a4edf9e42ee3e28/analysis/1505872890/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cb92d3aadd2363213fcb37ca5412d931f4b0a6a2c1554ccd9a4edf9e42ee3e28"
},
{
"date": "09/20/2017 01:35:01",
"source": "cowrie 159.203.x.x",
"name": "a9716a3a9aeb307e0448d0428e228629be665da348ae95b5e5777f86e704e656",
"hash": "a9716a3a9aeb307e0448d0428e228629be665da348ae95b5e5777f86e704e656",
"type": "ASCII text",
"classification": "BV:Downloader-II [Trj]",
"virustotal": "https://www.virustotal.com/file/a9716a3a9aeb307e0448d0428e228629be665da348ae95b5e5777f86e704e656/analysis/1505828439/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a9716a3a9aeb307e0448d0428e228629be665da348ae95b5e5777f86e704e656"
},
{
"date": "09/19/2017 22:10:01",
"source": "cowrie 159.203.x.x",
"name": "06ef9f2998b4128143c719b0726cd43d6025dd375b486ea39745ba52b1449717",
"hash": "06ef9f2998b4128143c719b0726cd43d6025dd375b486ea39745ba52b1449717",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.5891BD49",
"virustotal": "https://www.virustotal.com/file/06ef9f2998b4128143c719b0726cd43d6025dd375b486ea39745ba52b1449717/analysis/1505858770/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/06ef9f2998b4128143c719b0726cd43d6025dd375b486ea39745ba52b1449717"
},
{
"date": "09/19/2017 19:55:01",
"source": "deonaea 159.203.x.x",
"name": "9846c18d6cacab5b3cf8076d44dc6846",
"hash": "49c0dc6154336e3df65abea5179bebf26776b41156a101d0767b41b8b68ae8bb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.70718",
"virustotal": "https://www.virustotal.com/file/49c0dc6154336e3df65abea5179bebf26776b41156a101d0767b41b8b68ae8bb/analysis/1505843811/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9846c18d6cacab5b3cf8076d44dc6846"
},
{
"date": "09/19/2017 18:30:01",
"source": "deonaea 192.241.x.x",
"name": "40509f8bb36fb08b7db7d1aa22c1b10e",
"hash": "7578ed0d872e8d81caf4bdd635c73dcdf99e520f82b53b180de08c2649ac4a48",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.fmW@aeJX36k",
"virustotal": "https://www.virustotal.com/file/7578ed0d872e8d81caf4bdd635c73dcdf99e520f82b53b180de08c2649ac4a48/analysis/1505808604/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/40509f8bb36fb08b7db7d1aa22c1b10e"
},
{
"date": "09/19/2017 14:45:01",
"source": "deonaea 192.241.x.x",
"name": "ee4bd9b5f49cb117e41c8f348fb8226c",
"hash": "4ef23c9f24377240eec4935c96b61439635f9a55d7d033a13cb0c1e50cbbbab3",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.Rasftuby.Gen.14",
"virustotal": "https://www.virustotal.com/file/4ef23c9f24377240eec4935c96b61439635f9a55d7d033a13cb0c1e50cbbbab3/analysis/1505434185/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ee4bd9b5f49cb117e41c8f348fb8226c"
},
{
"date": "09/19/2017 02:25:01",
"source": "cowrie 159.203.x.x",
"name": "bd1451867b3381542320a4aa136d934405da3e3c0efa041dcd9b4c6f1415f753",
"hash": "bd1451867b3381542320a4aa136d934405da3e3c0efa041dcd9b4c6f1415f753",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.2F738726",
"virustotal": "https://www.virustotal.com/file/bd1451867b3381542320a4aa136d934405da3e3c0efa041dcd9b4c6f1415f753/analysis/1505788232/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bd1451867b3381542320a4aa136d934405da3e3c0efa041dcd9b4c6f1415f753"
},
{
"date": "09/18/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "469d85d38ee12c3ece1d397d8a0e71955b992d7bfb39ef13039294ab5c71f6b3",
"hash": "469d85d38ee12c3ece1d397d8a0e71955b992d7bfb39ef13039294ab5c71f6b3",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.B717FF8B",
"virustotal": "https://www.virustotal.com/file/469d85d38ee12c3ece1d397d8a0e71955b992d7bfb39ef13039294ab5c71f6b3/analysis/1505732413/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/469d85d38ee12c3ece1d397d8a0e71955b992d7bfb39ef13039294ab5c71f6b3"
},
{
"date": "09/18/2017 22:30:01",
"source": "cowrie 159.203.x.x",
"name": "43125ec45a3ab735c40f6654a6c31cd64d9d68f02787e36bbd4a0846915066f3",
"hash": "43125ec45a3ab735c40f6654a6c31cd64d9d68f02787e36bbd4a0846915066f3",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.AFB8F1B5",
"virustotal": "https://www.virustotal.com/file/43125ec45a3ab735c40f6654a6c31cd64d9d68f02787e36bbd4a0846915066f3/analysis/1505732406/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/43125ec45a3ab735c40f6654a6c31cd64d9d68f02787e36bbd4a0846915066f3"
},
{
"date": "09/18/2017 21:00:02",
"source": "cowrie 159.203.x.x",
"name": "46f42632a1d39ddb8b6edd9fca83e6be19f37a87ae1310cbaa07a956f78773f7",
"hash": "46f42632a1d39ddb8b6edd9fca83e6be19f37a87ae1310cbaa07a956f78773f7",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.0AE75968",
"virustotal": "https://www.virustotal.com/file/46f42632a1d39ddb8b6edd9fca83e6be19f37a87ae1310cbaa07a956f78773f7/analysis/1505767781/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/46f42632a1d39ddb8b6edd9fca83e6be19f37a87ae1310cbaa07a956f78773f7"
},
{
"date": "09/18/2017 13:55:01",
"source": "cowrie 159.203.x.x",
"name": "e22a335904e9e48d8207dbc602fa9bc856c8c7071d88a29c5e600e58c1908c41",
"hash": "e22a335904e9e48d8207dbc602fa9bc856c8c7071d88a29c5e600e58c1908c41",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.22D75005",
"virustotal": "https://www.virustotal.com/file/e22a335904e9e48d8207dbc602fa9bc856c8c7071d88a29c5e600e58c1908c41/analysis/1505621043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e22a335904e9e48d8207dbc602fa9bc856c8c7071d88a29c5e600e58c1908c41"
},
{
"date": "09/17/2017 22:35:01",
"source": "cowrie 159.203.x.x",
"name": "20170917223424_88f5461819b6_0_http___45_77_91_225_bins_sh",
"hash": "a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3C559961",
"virustotal": "https://www.virustotal.com/file/a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8/analysis/1505517322/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170917223424_88f5461819b6_0_http___45_77_91_225_bins_sh"
},
{
"date": "09/17/2017 20:30:01",
"source": "deonaea 192.241.x.x",
"name": "7f3c6506647fa95083d6a0f38f2eeb4c",
"hash": "f42f065c19e1883bacdbd8aae6931c60c59b1decfd551acbaf1fb3f5a54779ed",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.170215",
"virustotal": "https://www.virustotal.com/file/f42f065c19e1883bacdbd8aae6931c60c59b1decfd551acbaf1fb3f5a54779ed/analysis/1505582166/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7f3c6506647fa95083d6a0f38f2eeb4c"
},
{
"date": "09/17/2017 16:40:01",
"source": "deonaea 192.241.x.x",
"name": "smb-jynjmt80.tmp",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1505620941/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-jynjmt80.tmp"
},
{
"date": "09/17/2017 07:05:01",
"source": "cowrie 159.203.x.x",
"name": "7748913a6d911fe63a4236ea4513adfdb4fcc601c95f3287bcd1236ab9718744",
"hash": "7748913a6d911fe63a4236ea4513adfdb4fcc601c95f3287bcd1236ab9718744",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.5B6AC1A2",
"virustotal": "https://www.virustotal.com/file/7748913a6d911fe63a4236ea4513adfdb4fcc601c95f3287bcd1236ab9718744/analysis/1505631844/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7748913a6d911fe63a4236ea4513adfdb4fcc601c95f3287bcd1236ab9718744"
},
{
"date": "09/17/2017 03:25:01",
"source": "cowrie 159.203.x.x",
"name": "85478678c7d8de5ffb712809c66dc1f46846024cac4435f91aa9cc70fe9bea17",
"hash": "85478678c7d8de5ffb712809c66dc1f46846024cac4435f91aa9cc70fe9bea17",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.D48C9969",
"virustotal": "https://www.virustotal.com/file/85478678c7d8de5ffb712809c66dc1f46846024cac4435f91aa9cc70fe9bea17/analysis/1505619007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/85478678c7d8de5ffb712809c66dc1f46846024cac4435f91aa9cc70fe9bea17"
},
{
"date": "09/17/2017 03:25:01",
"source": "cowrie 159.203.x.x",
"name": "4626bf917f4da467e6075b0e8c6124a58ee28aef937a90871f3852a93fe3267c",
"hash": "4626bf917f4da467e6075b0e8c6124a58ee28aef937a90871f3852a93fe3267c",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.1CDAC9C2",
"virustotal": "https://www.virustotal.com/file/4626bf917f4da467e6075b0e8c6124a58ee28aef937a90871f3852a93fe3267c/analysis/1505619050/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4626bf917f4da467e6075b0e8c6124a58ee28aef937a90871f3852a93fe3267c"
},
{
"date": "09/16/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "a35ef4951809c1d8f0d46c04c3f183983919ee0551b62dfbb3140839b2bf84e2",
"hash": "a35ef4951809c1d8f0d46c04c3f183983919ee0551b62dfbb3140839b2bf84e2",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.88076DA1",
"virustotal": "https://www.virustotal.com/file/a35ef4951809c1d8f0d46c04c3f183983919ee0551b62dfbb3140839b2bf84e2/analysis/1505596548/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a35ef4951809c1d8f0d46c04c3f183983919ee0551b62dfbb3140839b2bf84e2"
},
{
"date": "09/16/2017 21:20:01",
"source": "cowrie 159.203.x.x",
"name": "6a1246bfc42c142d7857ec3b1a35744eb80002b7fda94f8057260ba8a83a8883",
"hash": "6a1246bfc42c142d7857ec3b1a35744eb80002b7fda94f8057260ba8a83a8883",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6a1246bfc42c142d7857ec3b1a35744eb80002b7fda94f8057260ba8a83a8883"
},
{
"date": "09/16/2017 20:05:01",
"source": "cowrie 159.203.x.x",
"name": "20170916200458_de388f3adb54_0_http___45_77_91_225_bins_sh",
"hash": "a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3C559961",
"virustotal": "https://www.virustotal.com/file/a3c3bc9ae9ff9ce96fb0598b2824978e35db84b8244528b0524d4eda114646c8/analysis/1505517322/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170916200458_de388f3adb54_0_http___45_77_91_225_bins_sh"
},
{
"date": "09/16/2017 18:30:01",
"source": "cowrie 159.203.x.x",
"name": "5bb37913970e5f93e7872068972ef503be8ba8d902872183d0e7438a5651fc74",
"hash": "5bb37913970e5f93e7872068972ef503be8ba8d902872183d0e7438a5651fc74",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.7F062B6A",
"virustotal": "https://www.virustotal.com/file/5bb37913970e5f93e7872068972ef503be8ba8d902872183d0e7438a5651fc74/analysis/1505262714/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5bb37913970e5f93e7872068972ef503be8ba8d902872183d0e7438a5651fc74"
},
{
"date": "09/16/2017 17:30:01",
"source": "cowrie 159.203.x.x",
"name": "2815c35a00c6abadc22aa61b888cb144bc51458d08196794f15d06851d185b1d",
"hash": "2815c35a00c6abadc22aa61b888cb144bc51458d08196794f15d06851d185b1d",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/2815c35a00c6abadc22aa61b888cb144bc51458d08196794f15d06851d185b1d/analysis/1505367065/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2815c35a00c6abadc22aa61b888cb144bc51458d08196794f15d06851d185b1d"
},
{
"date": "09/16/2017 14:55:01",
"source": "cowrie 159.203.x.x",
"name": "119cb6eb0df6ddfcfb898d5dd37fc1580b3210640ad87573976c466a691f5083",
"hash": "119cb6eb0df6ddfcfb898d5dd37fc1580b3210640ad87573976c466a691f5083",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.A83AC431",
"virustotal": "https://www.virustotal.com/file/119cb6eb0df6ddfcfb898d5dd37fc1580b3210640ad87573976c466a691f5083/analysis/1505140871/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/119cb6eb0df6ddfcfb898d5dd37fc1580b3210640ad87573976c466a691f5083"
},
{
"date": "09/16/2017 13:30:01",
"source": "cowrie 159.203.x.x",
"name": "4c47af16ed609b903111ed7dddf50984eb51ed354b71edfdfbb6b1e878e7a05e",
"hash": "4c47af16ed609b903111ed7dddf50984eb51ed354b71edfdfbb6b1e878e7a05e",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/4c47af16ed609b903111ed7dddf50984eb51ed354b71edfdfbb6b1e878e7a05e/analysis/1505379403/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4c47af16ed609b903111ed7dddf50984eb51ed354b71edfdfbb6b1e878e7a05e"
},
{
"date": "09/16/2017 13:00:01",
"source": "cowrie 159.203.x.x",
"name": "b33b30c3cc7e027320e4d203303cc36a4e84b44451278bbb524ec54d5f61a4d6",
"hash": "b33b30c3cc7e027320e4d203303cc36a4e84b44451278bbb524ec54d5f61a4d6",
"type": "Bourne-Again shell script executable (binary data)",
"classification": "UNIX_PIMINE.A",
"virustotal": "https://www.virustotal.com/file/b33b30c3cc7e027320e4d203303cc36a4e84b44451278bbb524ec54d5f61a4d6/analysis/1503933575/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b33b30c3cc7e027320e4d203303cc36a4e84b44451278bbb524ec54d5f61a4d6"
},
{
"date": "09/16/2017 12:30:01",
"source": "cowrie 159.203.x.x",
"name": "5a5183c1f5fdab92e15f64f18c15a390717e313a9f049cd9de4fbb3f3adc4008",
"hash": "5a5183c1f5fdab92e15f64f18c15a390717e313a9f049cd9de4fbb3f3adc4008",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F8B643B6",
"virustotal": "https://www.virustotal.com/file/5a5183c1f5fdab92e15f64f18c15a390717e313a9f049cd9de4fbb3f3adc4008/analysis/1505370504/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5a5183c1f5fdab92e15f64f18c15a390717e313a9f049cd9de4fbb3f3adc4008"
},
{
"date": "09/16/2017 10:00:01",
"source": "cowrie 159.203.x.x",
"name": "77aac0b78967b65b542a7005c42c20c8f025775f6c8ce28bbf527f94fcef9ad1",
"hash": "77aac0b78967b65b542a7005c42c20c8f025775f6c8ce28bbf527f94fcef9ad1",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.180C90EA",
"virustotal": "https://www.virustotal.com/file/77aac0b78967b65b542a7005c42c20c8f025775f6c8ce28bbf527f94fcef9ad1/analysis/1505361261/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/77aac0b78967b65b542a7005c42c20c8f025775f6c8ce28bbf527f94fcef9ad1"
},
{
"date": "09/16/2017 08:25:01",
"source": "deonaea 159.203.x.x",
"name": "a8f032aac678552f501049b05528c0a7",
"hash": "455a2f1905ae7ecff66011c98681f6dcfb225ffa58ff901b963222ac160bb3b1",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Midie.40511",
"virustotal": "https://www.virustotal.com/file/455a2f1905ae7ecff66011c98681f6dcfb225ffa58ff901b963222ac160bb3b1/analysis/1505546977/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a8f032aac678552f501049b05528c0a7"
},
{
"date": "09/16/2017 07:30:01",
"source": "cowrie 159.203.x.x",
"name": "fedaeeed62bbc675e1c439de84ee08a955fca86460d5f0eafa22f9ce56678a8e",
"hash": "fedaeeed62bbc675e1c439de84ee08a955fca86460d5f0eafa22f9ce56678a8e",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.D6B5FF93",
"virustotal": "https://www.virustotal.com/file/fedaeeed62bbc675e1c439de84ee08a955fca86460d5f0eafa22f9ce56678a8e/analysis/1505361267/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fedaeeed62bbc675e1c439de84ee08a955fca86460d5f0eafa22f9ce56678a8e"
},
{
"date": "09/16/2017 05:00:01",
"source": "deonaea 192.241.x.x",
"name": "d98de55d330f556e833a38031f5ab0bb",
"hash": "5076fb4730d7b3509c5a490f543f6deff3b0d47be1522649bd71bf55e0cd531c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.247887",
"virustotal": "https://www.virustotal.com/file/5076fb4730d7b3509c5a490f543f6deff3b0d47be1522649bd71bf55e0cd531c/analysis/1505367788/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d98de55d330f556e833a38031f5ab0bb"
},
{
"date": "09/13/2017 05:50:01",
"source": "deonaea 192.241.x.x",
"name": "8ebdc467517b67f52ebb5538902a089d",
"hash": "e4e7427f17882fc7095ac8e770e5c4008b7a6111872e5ab29aa31144d626b0b0",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.Generic.4863548",
"virustotal": "https://www.virustotal.com/file/e4e7427f17882fc7095ac8e770e5c4008b7a6111872e5ab29aa31144d626b0b0/analysis/1505078053/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8ebdc467517b67f52ebb5538902a089d"
},
{
"date": "09/13/2017 05:50:01",
"source": "deonaea 192.241.x.x",
"name": "35586d981fbdb6841979b93acb78a5b3",
"hash": "21db158a6ac5ba9ce76fb3cb202f3b04bffc3fcdaa8af1986dff246688cd815b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.256007",
"virustotal": "https://www.virustotal.com/file/21db158a6ac5ba9ce76fb3cb202f3b04bffc3fcdaa8af1986dff246688cd815b/analysis/1505279803/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/35586d981fbdb6841979b93acb78a5b3"
},
{
"date": "09/13/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "8b8251b3cfaae580857b562689d648ae0105e9f129302efb8522379f1846430c",
"hash": "8b8251b3cfaae580857b562689d648ae0105e9f129302efb8522379f1846430c",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.343A5808",
"virustotal": "https://www.virustotal.com/file/8b8251b3cfaae580857b562689d648ae0105e9f129302efb8522379f1846430c/analysis/1504989131/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8b8251b3cfaae580857b562689d648ae0105e9f129302efb8522379f1846430c"
},
{
"date": "09/13/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "0f0a9cb13a7fe3a3436090949c6bd74d4516ef3ea9867c2b5c6136eaaa25edd0",
"hash": "0f0a9cb13a7fe3a3436090949c6bd74d4516ef3ea9867c2b5c6136eaaa25edd0",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.170AA5A2",
"virustotal": "https://www.virustotal.com/file/0f0a9cb13a7fe3a3436090949c6bd74d4516ef3ea9867c2b5c6136eaaa25edd0/analysis/1505191504/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0f0a9cb13a7fe3a3436090949c6bd74d4516ef3ea9867c2b5c6136eaaa25edd0"
},
{
"date": "09/13/2017 02:30:01",
"source": "cowrie 159.203.x.x",
"name": "5d56d374426b9bbed1eaeeb7b41846621441ce239793ad8071ac348167eb9958",
"hash": "5d56d374426b9bbed1eaeeb7b41846621441ce239793ad8071ac348167eb9958",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.A2C881B5",
"virustotal": "https://www.virustotal.com/file/5d56d374426b9bbed1eaeeb7b41846621441ce239793ad8071ac348167eb9958/analysis/1505169048/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5d56d374426b9bbed1eaeeb7b41846621441ce239793ad8071ac348167eb9958"
},
{
"date": "09/13/2017 02:00:01",
"source": "cowrie 159.203.x.x",
"name": "1a099f44ceb1a163c6a02cae8eeae089ec2b10e005fee9a8e68b48374348617f",
"hash": "1a099f44ceb1a163c6a02cae8eeae089ec2b10e005fee9a8e68b48374348617f",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.847C058C",
"virustotal": "https://www.virustotal.com/file/1a099f44ceb1a163c6a02cae8eeae089ec2b10e005fee9a8e68b48374348617f/analysis/1505192448/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1a099f44ceb1a163c6a02cae8eeae089ec2b10e005fee9a8e68b48374348617f"
},
{
"date": "09/12/2017 22:35:01",
"source": "deonaea 192.241.x.x",
"name": "8b6dd69af41aa243e9fb12cfbd426735",
"hash": "156268ea966642cff53b0d5ece4903fbaebddbcb5e3f446dff27780d30cb5a73",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Kazy.162222",
"virustotal": "https://www.virustotal.com/file/156268ea966642cff53b0d5ece4903fbaebddbcb5e3f446dff27780d30cb5a73/analysis/1505255585/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8b6dd69af41aa243e9fb12cfbd426735"
},
{
"date": "09/12/2017 21:05:01",
"source": "cowrie 159.203.x.x",
"name": "ef0110b4a84f3cfba9e5fe75145376ed172fbb5bd7e58b04ba4d3be958dd7f8b",
"hash": "ef0110b4a84f3cfba9e5fe75145376ed172fbb5bd7e58b04ba4d3be958dd7f8b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.73FCAD13",
"virustotal": "https://www.virustotal.com/file/ef0110b4a84f3cfba9e5fe75145376ed172fbb5bd7e58b04ba4d3be958dd7f8b/analysis/1505251847/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ef0110b4a84f3cfba9e5fe75145376ed172fbb5bd7e58b04ba4d3be958dd7f8b"
},
{
"date": "09/12/2017 21:05:01",
"source": "cowrie 159.203.x.x",
"name": "cc49523865b958f970e969dcbbde724fbcc5d5154ac55f225afa18819b229989",
"hash": "cc49523865b958f970e969dcbbde724fbcc5d5154ac55f225afa18819b229989",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.6478B7D0",
"virustotal": "https://www.virustotal.com/file/cc49523865b958f970e969dcbbde724fbcc5d5154ac55f225afa18819b229989/analysis/1505230551/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cc49523865b958f970e969dcbbde724fbcc5d5154ac55f225afa18819b229989"
},
{
"date": "09/12/2017 20:20:01",
"source": "deonaea 159.203.x.x",
"name": "1477097d676039ec723218229a87b6b1",
"hash": "6bd4d60eec00cef143e519b6b19c1769941e518c8ae3a01c22b9066ec6cd2282",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/6bd4d60eec00cef143e519b6b19c1769941e518c8ae3a01c22b9066ec6cd2282/analysis/1505230876/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1477097d676039ec723218229a87b6b1"
},
{
"date": "09/12/2017 18:25:01",
"source": "deonaea 192.241.x.x",
"name": "5bf25438c1399a33d95441ce522119b9",
"hash": "b276cde411eaf04726fa643c6ec55e18e832ae31587d0b3b6d89a8d69d944d0b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/b276cde411eaf04726fa643c6ec55e18e832ae31587d0b3b6d89a8d69d944d0b/analysis/1505240584/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5bf25438c1399a33d95441ce522119b9"
},
{
"date": "09/12/2017 15:15:01",
"source": "deonaea 192.241.x.x",
"name": "075b94948fdc74af8bbe0d85e28b578a",
"hash": "de63304488ed44ef212f6ea6fd754b715621ed67b752de66f6331aaebb270b19",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Adware.Rukometa.Symmi.2",
"virustotal": "https://www.virustotal.com/file/de63304488ed44ef212f6ea6fd754b715621ed67b752de66f6331aaebb270b19/analysis/1505178090/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/075b94948fdc74af8bbe0d85e28b578a"
},
{
"date": "09/12/2017 14:00:01",
"source": "cowrie 159.203.x.x",
"name": "a21c1f87ddec3d10f0bfb3fd7b9ceceff26ebf9d7a4825e6e186675b3269473b",
"hash": "a21c1f87ddec3d10f0bfb3fd7b9ceceff26ebf9d7a4825e6e186675b3269473b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.54D9402F",
"virustotal": "https://www.virustotal.com/file/a21c1f87ddec3d10f0bfb3fd7b9ceceff26ebf9d7a4825e6e186675b3269473b/analysis/1505169006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a21c1f87ddec3d10f0bfb3fd7b9ceceff26ebf9d7a4825e6e186675b3269473b"
},
{
"date": "09/12/2017 12:45:01",
"source": "deonaea 159.203.x.x",
"name": "eaefd842adf513023ee0a9fc3b035c46",
"hash": "65c5363396c8222f675536d7716823679c537980532a6ee5082caf700eb2a7e5",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/65c5363396c8222f675536d7716823679c537980532a6ee5082caf700eb2a7e5/analysis/1505219015/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eaefd842adf513023ee0a9fc3b035c46"
},
{
"date": "09/12/2017 12:40:01",
"source": "deonaea 159.203.x.x",
"name": "ce47d82d40a2bd00dd1a2e0b00f93a06",
"hash": "1376882598c8f0be4e36b714bc11bcf407a85a3b4475568656ee90d520955363",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.170215",
"virustotal": "https://www.virustotal.com/file/1376882598c8f0be4e36b714bc11bcf407a85a3b4475568656ee90d520955363/analysis/1505218695/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ce47d82d40a2bd00dd1a2e0b00f93a06"
},
{
"date": "09/12/2017 11:00:01",
"source": "deonaea 192.241.x.x",
"name": "80494ff49e034264472a2db07719fadb",
"hash": "95c6751ad130dce43cbceebf5319281c28cb47e279e0dd9063bd1b06eba54b9a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.60408",
"virustotal": "https://www.virustotal.com/file/95c6751ad130dce43cbceebf5319281c28cb47e279e0dd9063bd1b06eba54b9a/analysis/1505212159/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/80494ff49e034264472a2db07719fadb"
},
{
"date": "09/12/2017 02:30:01",
"source": "cowrie 159.203.x.x",
"name": "0636d8749ecb285c293dc533c9b7690ba17ac7902488bf39164129a12d54c1c3",
"hash": "0636d8749ecb285c293dc533c9b7690ba17ac7902488bf39164129a12d54c1c3",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/0636d8749ecb285c293dc533c9b7690ba17ac7902488bf39164129a12d54c1c3/analysis/1505106626/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0636d8749ecb285c293dc533c9b7690ba17ac7902488bf39164129a12d54c1c3"
},
{
"date": "09/12/2017 00:00:01",
"source": "cowrie 159.203.x.x",
"name": "e8870d855c6592d00913d785affd6b7bd0496643450668d83b40d149c42d1239",
"hash": "e8870d855c6592d00913d785affd6b7bd0496643450668d83b40d149c42d1239",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.89B90EB0",
"virustotal": "https://www.virustotal.com/file/e8870d855c6592d00913d785affd6b7bd0496643450668d83b40d149c42d1239/analysis/1505126156/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e8870d855c6592d00913d785affd6b7bd0496643450668d83b40d149c42d1239"
},
{
"date": "09/11/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "87c8277c2f13b8d5cf9eea176b7968e85e94ebd416b0e13eb7d154ced9cd44ac",
"hash": "87c8277c2f13b8d5cf9eea176b7968e85e94ebd416b0e13eb7d154ced9cd44ac",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.A02C5179",
"virustotal": "https://www.virustotal.com/file/87c8277c2f13b8d5cf9eea176b7968e85e94ebd416b0e13eb7d154ced9cd44ac/analysis/1505052243/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/87c8277c2f13b8d5cf9eea176b7968e85e94ebd416b0e13eb7d154ced9cd44ac"
},
{
"date": "09/11/2017 22:55:01",
"source": "cowrie 159.203.x.x",
"name": "93aec65d669447d54cf4da20f7071c225bcaf198cc35dce9c5ea92684f6297d2",
"hash": "93aec65d669447d54cf4da20f7071c225bcaf198cc35dce9c5ea92684f6297d2",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.D5C9FCE6",
"virustotal": "https://www.virustotal.com/file/93aec65d669447d54cf4da20f7071c225bcaf198cc35dce9c5ea92684f6297d2/analysis/1505050538/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/93aec65d669447d54cf4da20f7071c225bcaf198cc35dce9c5ea92684f6297d2"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "f05a657fe33ab89d3d4acb8611a25176c8f1c2eaba2f7b5585edcb24c468d2db",
"hash": "f05a657fe33ab89d3d4acb8611a25176c8f1c2eaba2f7b5585edcb24c468d2db",
"type": "ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/f05a657fe33ab89d3d4acb8611a25176c8f1c2eaba2f7b5585edcb24c468d2db/analysis/1494024742/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f05a657fe33ab89d3d4acb8611a25176c8f1c2eaba2f7b5585edcb24c468d2db"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "dd564577819dfbb4773c539652a78d6167aec9915f78f2537b749428ec6239fa",
"hash": "dd564577819dfbb4773c539652a78d6167aec9915f78f2537b749428ec6239fa",
"type": "ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/dd564577819dfbb4773c539652a78d6167aec9915f78f2537b749428ec6239fa/analysis/1505153107/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dd564577819dfbb4773c539652a78d6167aec9915f78f2537b749428ec6239fa"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "c848799ad78d58ef8ff8d0b25626478c9fba96b1819074cfeeb3053b01cef546",
"hash": "c848799ad78d58ef8ff8d0b25626478c9fba96b1819074cfeeb3053b01cef546",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c848799ad78d58ef8ff8d0b25626478c9fba96b1819074cfeeb3053b01cef546/analysis/1505153436/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c848799ad78d58ef8ff8d0b25626478c9fba96b1819074cfeeb3053b01cef546"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "c2952098e3f3c38af54507e3cbf55637bfbc2f233dffd0435eca8b3adbfe570a",
"hash": "c2952098e3f3c38af54507e3cbf55637bfbc2f233dffd0435eca8b3adbfe570a",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c2952098e3f3c38af54507e3cbf55637bfbc2f233dffd0435eca8b3adbfe570a/analysis/1505135186/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c2952098e3f3c38af54507e3cbf55637bfbc2f233dffd0435eca8b3adbfe570a"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "c1f5914597d3166d884c5ea323cc40f7fdae81a4b3114b7f76731b35c2870032",
"hash": "c1f5914597d3166d884c5ea323cc40f7fdae81a4b3114b7f76731b35c2870032",
"type": "ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c1f5914597d3166d884c5ea323cc40f7fdae81a4b3114b7f76731b35c2870032/analysis/1505135167/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c1f5914597d3166d884c5ea323cc40f7fdae81a4b3114b7f76731b35c2870032"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "bb2ea48504278c18ad994ac61dc511dd97bc70c2d88c1e926e757ddade921ae3",
"hash": "bb2ea48504278c18ad994ac61dc511dd97bc70c2d88c1e926e757ddade921ae3",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/bb2ea48504278c18ad994ac61dc511dd97bc70c2d88c1e926e757ddade921ae3/analysis/1505135182/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bb2ea48504278c18ad994ac61dc511dd97bc70c2d88c1e926e757ddade921ae3"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "b0a7c216e09938367fcd2f072285f62d53eefb2a48baf8835415b965e029ca20",
"hash": "b0a7c216e09938367fcd2f072285f62d53eefb2a48baf8835415b965e029ca20",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b0a7c216e09938367fcd2f072285f62d53eefb2a48baf8835415b965e029ca20/analysis/1458130687/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b0a7c216e09938367fcd2f072285f62d53eefb2a48baf8835415b965e029ca20"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "98fb85a468cded07f8798f129a68e0f5eef133b03997e367990a1b7f134390df",
"hash": "98fb85a468cded07f8798f129a68e0f5eef133b03997e367990a1b7f134390df",
"type": "ASCII text, with escape sequences",
"classification": "Perl:Flooder-E [Trj]",
"virustotal": "https://www.virustotal.com/file/98fb85a468cded07f8798f129a68e0f5eef133b03997e367990a1b7f134390df/analysis/1499015107/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/98fb85a468cded07f8798f129a68e0f5eef133b03997e367990a1b7f134390df"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "898ed3bdcb749c665866ee2750ab50d7ac5da6b666546fcd952cfc4cbc0c33b4",
"hash": "898ed3bdcb749c665866ee2750ab50d7ac5da6b666546fcd952cfc4cbc0c33b4",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/898ed3bdcb749c665866ee2750ab50d7ac5da6b666546fcd952cfc4cbc0c33b4/analysis/1458130693/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/898ed3bdcb749c665866ee2750ab50d7ac5da6b666546fcd952cfc4cbc0c33b4"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "5c734c6ec34a7f44fe3168f8bb0a464acaf5eaf449ff7719435dd277657fd211",
"hash": "5c734c6ec34a7f44fe3168f8bb0a464acaf5eaf449ff7719435dd277657fd211",
"type": "C source, ASCII text, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/5c734c6ec34a7f44fe3168f8bb0a464acaf5eaf449ff7719435dd277657fd211/analysis/1494024660/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5c734c6ec34a7f44fe3168f8bb0a464acaf5eaf449ff7719435dd277657fd211"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "4dc99ee3fd4b51e751ee6507483bfb863bd876d364fb65c60aba3b4989ffc63a",
"hash": "4dc99ee3fd4b51e751ee6507483bfb863bd876d364fb65c60aba3b4989ffc63a",
"type": "ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=81bae420eecde53713960b2116ea93f0f428dcc9, not stripped",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/4dc99ee3fd4b51e751ee6507483bfb863bd876d364fb65c60aba3b4989ffc63a/analysis/1493738644/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4dc99ee3fd4b51e751ee6507483bfb863bd876d364fb65c60aba3b4989ffc63a"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "43c03d3d1fe523f48d6cd97f5c4d409234b187bf09d49f029a4f84179e3ffdf2",
"hash": "43c03d3d1fe523f48d6cd97f5c4d409234b187bf09d49f029a4f84179e3ffdf2",
"type": "UTF-8 Unicode text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/43c03d3d1fe523f48d6cd97f5c4d409234b187bf09d49f029a4f84179e3ffdf2/analysis/1505135196/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/43c03d3d1fe523f48d6cd97f5c4d409234b187bf09d49f029a4f84179e3ffdf2"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "40b7860be8880e7fec74bf129e824302570cc07714284c134982f2aeb3a6d9e1",
"hash": "40b7860be8880e7fec74bf129e824302570cc07714284c134982f2aeb3a6d9e1",
"type": "GNOME keyring, major version 0, minor version 0, crypto type 0 (AES), hash type 0 (MD5), name ",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/40b7860be8880e7fec74bf129e824302570cc07714284c134982f2aeb3a6d9e1/analysis/1505153064/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/40b7860be8880e7fec74bf129e824302570cc07714284c134982f2aeb3a6d9e1"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "3f2a254412563ce1bf760233a44ebd2d6051af03d0c7c7b0cda291be94489812",
"hash": "3f2a254412563ce1bf760233a44ebd2d6051af03d0c7c7b0cda291be94489812",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.16, stripped",
"classification": "HackTool.Linux.Sshbru.i",
"virustotal": "https://www.virustotal.com/file/3f2a254412563ce1bf760233a44ebd2d6051af03d0c7c7b0cda291be94489812/analysis/1493738644/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3f2a254412563ce1bf760233a44ebd2d6051af03d0c7c7b0cda291be94489812"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "3012e3e44d47a12f9adbac228ab5e7d7c812caf941a83a2de93183352688574d",
"hash": "3012e3e44d47a12f9adbac228ab5e7d7c812caf941a83a2de93183352688574d",
"type": "Bourne-Again shell script, ASCII text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/3012e3e44d47a12f9adbac228ab5e7d7c812caf941a83a2de93183352688574d/analysis/1494024672/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3012e3e44d47a12f9adbac228ab5e7d7c812caf941a83a2de93183352688574d"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "2584c4ba8b0d2a52d94023f420b7e356a1b1a3f2291ad5eba06683d58c48570d",
"hash": "2584c4ba8b0d2a52d94023f420b7e356a1b1a3f2291ad5eba06683d58c48570d",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/2584c4ba8b0d2a52d94023f420b7e356a1b1a3f2291ad5eba06683d58c48570d/analysis/1495585344/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2584c4ba8b0d2a52d94023f420b7e356a1b1a3f2291ad5eba06683d58c48570d"
},
{
"date": "09/11/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "23592cdd3b5613f1b641eede14704ac51c2940e24a9b51b64e20bf5abc0361a8",
"hash": "23592cdd3b5613f1b641eede14704ac51c2940e24a9b51b64e20bf5abc0361a8",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/23592cdd3b5613f1b641eede14704ac51c2940e24a9b51b64e20bf5abc0361a8/analysis/1505135171/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/23592cdd3b5613f1b641eede14704ac51c2940e24a9b51b64e20bf5abc0361a8"
},
{
"date": "09/11/2017 15:35:01",
"source": "deonaea 159.203.x.x",
"name": "7ca232677b9014b244e08b4cc853343f",
"hash": "7afa20052e3bd10733d29e5a3ff3098a7d955b5875d6ff9a608884973afd71df",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.70718",
"virustotal": "https://www.virustotal.com/file/7afa20052e3bd10733d29e5a3ff3098a7d955b5875d6ff9a608884973afd71df/analysis/1505145608/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7ca232677b9014b244e08b4cc853343f"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "fac60f4dea192ef859cbc78ed165e1bf73a1e7423e5d444d2615803cf3a5fb87",
"hash": "fac60f4dea192ef859cbc78ed165e1bf73a1e7423e5d444d2615803cf3a5fb87",
"type": "Bourne-Again shell script, ASCII text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/fac60f4dea192ef859cbc78ed165e1bf73a1e7423e5d444d2615803cf3a5fb87/analysis/1495073356/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fac60f4dea192ef859cbc78ed165e1bf73a1e7423e5d444d2615803cf3a5fb87"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "f785a82daf1552e8bd89f56a899445dbfb25f7b535588bd38d725b38e7e49e0d",
"hash": "f785a82daf1552e8bd89f56a899445dbfb25f7b535588bd38d725b38e7e49e0d",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/f785a82daf1552e8bd89f56a899445dbfb25f7b535588bd38d725b38e7e49e0d/analysis/1495062508/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f785a82daf1552e8bd89f56a899445dbfb25f7b535588bd38d725b38e7e49e0d"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "ebbf760a1043e380fceaf9445de186b2ae0ece023ecd2cd486319a061df651b5",
"hash": "ebbf760a1043e380fceaf9445de186b2ae0ece023ecd2cd486319a061df651b5",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/ebbf760a1043e380fceaf9445de186b2ae0ece023ecd2cd486319a061df651b5/analysis/1500651220/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ebbf760a1043e380fceaf9445de186b2ae0ece023ecd2cd486319a061df651b5"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "e81e38c4385a63b3f3bc37f7f66800b9a9515f0d3ef38509b27413d7073099e9",
"hash": "e81e38c4385a63b3f3bc37f7f66800b9a9515f0d3ef38509b27413d7073099e9",
"type": "ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/e81e38c4385a63b3f3bc37f7f66800b9a9515f0d3ef38509b27413d7073099e9/analysis/1505143582/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e81e38c4385a63b3f3bc37f7f66800b9a9515f0d3ef38509b27413d7073099e9"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "e7031aaa218f814ec442f7fc5cc545980a537d777db491c425d60f0be3366074",
"hash": "e7031aaa218f814ec442f7fc5cc545980a537d777db491c425d60f0be3366074",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Exploit-Generic",
"virustotal": "https://www.virustotal.com/file/e7031aaa218f814ec442f7fc5cc545980a537d777db491c425d60f0be3366074/analysis/1495073360/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e7031aaa218f814ec442f7fc5cc545980a537d777db491c425d60f0be3366074"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "e533fddcdfcb02761be082319836c4f24813c6017f3b755d22bbde141deba53e",
"hash": "e533fddcdfcb02761be082319836c4f24813c6017f3b755d22bbde141deba53e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/e533fddcdfcb02761be082319836c4f24813c6017f3b755d22bbde141deba53e/analysis/1501779567/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e533fddcdfcb02761be082319836c4f24813c6017f3b755d22bbde141deba53e"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "e09ce62d6e6422ea27bde29b4ec5c5d8bb381ce624c0efbd268d6837a96ddd92",
"hash": "e09ce62d6e6422ea27bde29b4ec5c5d8bb381ce624c0efbd268d6837a96ddd92",
"type": "Bourne-Again shell script, ISO-8859 text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/e09ce62d6e6422ea27bde29b4ec5c5d8bb381ce624c0efbd268d6837a96ddd92/analysis/1502712378/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e09ce62d6e6422ea27bde29b4ec5c5d8bb381ce624c0efbd268d6837a96ddd92"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "deb9cc47e90bdcca1f06e0c849458e4fc09f170a4a4745e221726a680a2f366b",
"hash": "deb9cc47e90bdcca1f06e0c849458e4fc09f170a4a4745e221726a680a2f366b",
"type": "Bourne-Again shell script, ASCII text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/deb9cc47e90bdcca1f06e0c849458e4fc09f170a4a4745e221726a680a2f366b/analysis/1501553941/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/deb9cc47e90bdcca1f06e0c849458e4fc09f170a4a4745e221726a680a2f366b"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "cc3f6c535787c71bed14ec8ac3b6feb59fe3b09fc53c69f1fe592103f2632764",
"hash": "cc3f6c535787c71bed14ec8ac3b6feb59fe3b09fc53c69f1fe592103f2632764",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.2.5, not stripped",
"classification": "Trojan.Hacktool.Linux.Pscan.A",
"virustotal": "https://www.virustotal.com/file/cc3f6c535787c71bed14ec8ac3b6feb59fe3b09fc53c69f1fe592103f2632764/analysis/1502935031/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cc3f6c535787c71bed14ec8ac3b6feb59fe3b09fc53c69f1fe592103f2632764"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "c8e4ed5933cd83d52a5876311cf1930e53fa5457dceea3c7efc9ed956f7a73b1",
"hash": "c8e4ed5933cd83d52a5876311cf1930e53fa5457dceea3c7efc9ed956f7a73b1",
"type": "C++ source, ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c8e4ed5933cd83d52a5876311cf1930e53fa5457dceea3c7efc9ed956f7a73b1/analysis/1495073358/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c8e4ed5933cd83d52a5876311cf1930e53fa5457dceea3c7efc9ed956f7a73b1"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "c4d5e7e14595d1becd00e3dcfff4b86eb10fc7634f3615ccbed2c861b4ee5fb4",
"hash": "c4d5e7e14595d1becd00e3dcfff4b86eb10fc7634f3615ccbed2c861b4ee5fb4",
"type": "ISO-8859 text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c4d5e7e14595d1becd00e3dcfff4b86eb10fc7634f3615ccbed2c861b4ee5fb4/analysis/1495073355/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c4d5e7e14595d1becd00e3dcfff4b86eb10fc7634f3615ccbed2c861b4ee5fb4"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "c474467b8c5423ff2c27156ba57921b42407ff9566d9d977fa0b562af68136c5",
"hash": "c474467b8c5423ff2c27156ba57921b42407ff9566d9d977fa0b562af68136c5",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c474467b8c5423ff2c27156ba57921b42407ff9566d9d977fa0b562af68136c5/analysis/1489319509/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c474467b8c5423ff2c27156ba57921b42407ff9566d9d977fa0b562af68136c5"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "c3337a74bda26940ee3c457e4bc53aeade70d96e9b1fc823079c2a326061613d",
"hash": "c3337a74bda26940ee3c457e4bc53aeade70d96e9b1fc823079c2a326061613d",
"type": "ASCII text, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/c3337a74bda26940ee3c457e4bc53aeade70d96e9b1fc823079c2a326061613d/analysis/1468678843/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c3337a74bda26940ee3c457e4bc53aeade70d96e9b1fc823079c2a326061613d"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "b7bfce3e886608199e7dd31bcd4af0d84eaa90267e45273278e8826dfa993133",
"hash": "b7bfce3e886608199e7dd31bcd4af0d84eaa90267e45273278e8826dfa993133",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b7bfce3e886608199e7dd31bcd4af0d84eaa90267e45273278e8826dfa993133/analysis/1495040250/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b7bfce3e886608199e7dd31bcd4af0d84eaa90267e45273278e8826dfa993133"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "b65938eba26657c0f47d874fbe6b6f7c8713b627303dafa638ba6fca1889d1fa",
"hash": "b65938eba26657c0f47d874fbe6b6f7c8713b627303dafa638ba6fca1889d1fa",
"type": "Bourne-Again shell script, ASCII text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b65938eba26657c0f47d874fbe6b6f7c8713b627303dafa638ba6fca1889d1fa/analysis/1505142322/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b65938eba26657c0f47d874fbe6b6f7c8713b627303dafa638ba6fca1889d1fa"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "b2ada872cafc31398abd513e1ccfc6eb39b3535af55f04d35a3370d505c8f616",
"hash": "b2ada872cafc31398abd513e1ccfc6eb39b3535af55f04d35a3370d505c8f616",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b2ada872cafc31398abd513e1ccfc6eb39b3535af55f04d35a3370d505c8f616/analysis/1505143500/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b2ada872cafc31398abd513e1ccfc6eb39b3535af55f04d35a3370d505c8f616"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "b240c1e6b061db03ce1a51da93bb2471d038330174600f71c30bff77fdf47263",
"hash": "b240c1e6b061db03ce1a51da93bb2471d038330174600f71c30bff77fdf47263",
"type": "C++ source, ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b240c1e6b061db03ce1a51da93bb2471d038330174600f71c30bff77fdf47263/analysis/1505142581/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b240c1e6b061db03ce1a51da93bb2471d038330174600f71c30bff77fdf47263"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "ad8eb460de657389f39545beb08cd9732ab95a3b250d3093d05dbce8aaa1029b",
"hash": "ad8eb460de657389f39545beb08cd9732ab95a3b250d3093d05dbce8aaa1029b",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/ad8eb460de657389f39545beb08cd9732ab95a3b250d3093d05dbce8aaa1029b/analysis/1505142142/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ad8eb460de657389f39545beb08cd9732ab95a3b250d3093d05dbce8aaa1029b"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762",
"hash": "97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.0.0, stripped, too many notes (256)",
"classification": "Virtool.Linux.Shark.A",
"virustotal": "https://www.virustotal.com/file/97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762/analysis/1505104802/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd",
"hash": "93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.0.0, stripped",
"classification": "Linux.CornelGEN.225",
"virustotal": "https://www.virustotal.com/file/93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd/analysis/1505104625/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "8f5a75505125e36671a4af013d68716ef26389ff895468d1fb6af83615690b04",
"hash": "8f5a75505125e36671a4af013d68716ef26389ff895468d1fb6af83615690b04",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/8f5a75505125e36671a4af013d68716ef26389ff895468d1fb6af83615690b04/analysis/1495073360/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8f5a75505125e36671a4af013d68716ef26389ff895468d1fb6af83615690b04"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "863fea751e0d533ee1900288b266676e06335995623750ed0e710a8790628420",
"hash": "863fea751e0d533ee1900288b266676e06335995623750ed0e710a8790628420",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/863fea751e0d533ee1900288b266676e06335995623750ed0e710a8790628420/analysis/1498482714/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/863fea751e0d533ee1900288b266676e06335995623750ed0e710a8790628420"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "810cdf16a7450e326794503c62a59d6d2380c6e7a13cb244b78bf11c0fb82b70",
"hash": "810cdf16a7450e326794503c62a59d6d2380c6e7a13cb244b78bf11c0fb82b70",
"type": "ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/810cdf16a7450e326794503c62a59d6d2380c6e7a13cb244b78bf11c0fb82b70/analysis/1505143458/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/810cdf16a7450e326794503c62a59d6d2380c6e7a13cb244b78bf11c0fb82b70"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "7c1daf8ead80d56df1d8bfd8c7e69ae9b6e11f3e1622603fee7f9fee4cf98043",
"hash": "7c1daf8ead80d56df1d8bfd8c7e69ae9b6e11f3e1622603fee7f9fee4cf98043",
"type": "ISO-8859 text",
"classification": "BV:Sshscan-E [Trj]",
"virustotal": "https://www.virustotal.com/file/7c1daf8ead80d56df1d8bfd8c7e69ae9b6e11f3e1622603fee7f9fee4cf98043/analysis/1500651213/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7c1daf8ead80d56df1d8bfd8c7e69ae9b6e11f3e1622603fee7f9fee4cf98043"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "65be48b3773362a2447104a064019f5d71303e26891fdf1950166f6578098769",
"hash": "65be48b3773362a2447104a064019f5d71303e26891fdf1950166f6578098769",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/65be48b3773362a2447104a064019f5d71303e26891fdf1950166f6578098769/analysis/1501779561/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/65be48b3773362a2447104a064019f5d71303e26891fdf1950166f6578098769"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "5d27f4db044165377ef8bd390bec2a6b5921b9340b29f03b705409e5b82d7939",
"hash": "5d27f4db044165377ef8bd390bec2a6b5921b9340b29f03b705409e5b82d7939",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/5d27f4db044165377ef8bd390bec2a6b5921b9340b29f03b705409e5b82d7939/analysis/1505143082/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5d27f4db044165377ef8bd390bec2a6b5921b9340b29f03b705409e5b82d7939"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "570bf202953253d2b6b9ddcecd42fb66c5a86b32682f0e0a6e78a0218f3a08f6",
"hash": "570bf202953253d2b6b9ddcecd42fb66c5a86b32682f0e0a6e78a0218f3a08f6",
"type": "a /usr/bin/perl script, ASCII text executable, with escape sequences",
"classification": "Trojan.Hacktool.Flood.A",
"virustotal": "https://www.virustotal.com/file/570bf202953253d2b6b9ddcecd42fb66c5a86b32682f0e0a6e78a0218f3a08f6/analysis/1505143208/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/570bf202953253d2b6b9ddcecd42fb66c5a86b32682f0e0a6e78a0218f3a08f6"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "5402d92d18339f04f926398071eecb4a4858eac5cf2cd7938920ff94d33dec4e",
"hash": "5402d92d18339f04f926398071eecb4a4858eac5cf2cd7938920ff94d33dec4e",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/5402d92d18339f04f926398071eecb4a4858eac5cf2cd7938920ff94d33dec4e/analysis/1470846782/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5402d92d18339f04f926398071eecb4a4858eac5cf2cd7938920ff94d33dec4e"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "4c079bee2efe8f84b0f78b287a403bd42306bd8083c975173b835c8af315daca",
"hash": "4c079bee2efe8f84b0f78b287a403bd42306bd8083c975173b835c8af315daca",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/4c079bee2efe8f84b0f78b287a403bd42306bd8083c975173b835c8af315daca/analysis/1500651224/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4c079bee2efe8f84b0f78b287a403bd42306bd8083c975173b835c8af315daca"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "49df03ea6f437a4746d1ed467882e1b1a34b1391f004b7257bf576fe55c2837a",
"hash": "49df03ea6f437a4746d1ed467882e1b1a34b1391f004b7257bf576fe55c2837a",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/49df03ea6f437a4746d1ed467882e1b1a34b1391f004b7257bf576fe55c2837a/analysis/1495073359/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/49df03ea6f437a4746d1ed467882e1b1a34b1391f004b7257bf576fe55c2837a"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "3c00611b670b128c1ca6d3c6f0e9522eea385e0670e74a9b2b26325b4e13c864",
"hash": "3c00611b670b128c1ca6d3c6f0e9522eea385e0670e74a9b2b26325b4e13c864",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.16, stripped",
"classification": "HackTool.Linux.Sshbru.i",
"virustotal": "https://www.virustotal.com/file/3c00611b670b128c1ca6d3c6f0e9522eea385e0670e74a9b2b26325b4e13c864/analysis/1502157233/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3c00611b670b128c1ca6d3c6f0e9522eea385e0670e74a9b2b26325b4e13c864"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "3b6a858c53629ab2ef5373126f3830ee424ccebec259a87b9713143f26335175",
"hash": "3b6a858c53629ab2ef5373126f3830ee424ccebec259a87b9713143f26335175",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/3b6a858c53629ab2ef5373126f3830ee424ccebec259a87b9713143f26335175/analysis/1505142623/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3b6a858c53629ab2ef5373126f3830ee424ccebec259a87b9713143f26335175"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "2ede344e0415193d41b90d3cdfbf8558c307d8b8182464dfe15655ea1f88eab0",
"hash": "2ede344e0415193d41b90d3cdfbf8558c307d8b8182464dfe15655ea1f88eab0",
"type": "ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.24, BuildID[sha1]=ae0bfb90b55d423c81168cb13c488d4cf68ffc60, not stripped",
"classification": "HEUR:HackTool.Linux.Portscan.a",
"virustotal": "https://www.virustotal.com/file/2ede344e0415193d41b90d3cdfbf8558c307d8b8182464dfe15655ea1f88eab0/analysis/1502157517/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2ede344e0415193d41b90d3cdfbf8558c307d8b8182464dfe15655ea1f88eab0"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "1d544b61c13a63b115d45fd9e2c8647d179cea8e027148ee48dfd5b421daf6ae",
"hash": "1d544b61c13a63b115d45fd9e2c8647d179cea8e027148ee48dfd5b421daf6ae",
"type": "C++ source, ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/1d544b61c13a63b115d45fd9e2c8647d179cea8e027148ee48dfd5b421daf6ae/analysis/1495073362/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1d544b61c13a63b115d45fd9e2c8647d179cea8e027148ee48dfd5b421daf6ae"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "1a286986ebbe66abbedcc76ae4e2fd23c2668b076cd9dc79bf53c24961041ab8",
"hash": "1a286986ebbe66abbedcc76ae4e2fd23c2668b076cd9dc79bf53c24961041ab8",
"type": "C source, UTF-8 Unicode text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/1a286986ebbe66abbedcc76ae4e2fd23c2668b076cd9dc79bf53c24961041ab8/analysis/1495073358/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1a286986ebbe66abbedcc76ae4e2fd23c2668b076cd9dc79bf53c24961041ab8"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "1225cc15a71886e5b11fca3dc3b4c4bcde39f4c7c9fbce6bad5e4d3ceee21b3a",
"hash": "1225cc15a71886e5b11fca3dc3b4c4bcde39f4c7c9fbce6bad5e4d3ceee21b3a",
"type": "ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, stripped",
"classification": "Other:PUP-gen [PUP]",
"virustotal": "https://www.virustotal.com/file/1225cc15a71886e5b11fca3dc3b4c4bcde39f4c7c9fbce6bad5e4d3ceee21b3a/analysis/1498539416/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1225cc15a71886e5b11fca3dc3b4c4bcde39f4c7c9fbce6bad5e4d3ceee21b3a"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "0c6428adee861c946cc73dadcf7f7b32d11e0509ae5ff2fa39eddf8648b71bad",
"hash": "0c6428adee861c946cc73dadcf7f7b32d11e0509ae5ff2fa39eddf8648b71bad",
"type": "C source, ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/0c6428adee861c946cc73dadcf7f7b32d11e0509ae5ff2fa39eddf8648b71bad/analysis/1502712371/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0c6428adee861c946cc73dadcf7f7b32d11e0509ae5ff2fa39eddf8648b71bad"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "0afd9db9d954b738bdc4c67b691d3912dbe3bd8a35728d50a6ea388f316e5f15",
"hash": "0afd9db9d954b738bdc4c67b691d3912dbe3bd8a35728d50a6ea388f316e5f15",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/0afd9db9d954b738bdc4c67b691d3912dbe3bd8a35728d50a6ea388f316e5f15/analysis/1505142366/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0afd9db9d954b738bdc4c67b691d3912dbe3bd8a35728d50a6ea388f316e5f15"
},
{
"date": "09/11/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "00ed74576024ab3d2b4e5efa828aee6d84034fdf7bc2bd4efcb5ec78014aa493",
"hash": "00ed74576024ab3d2b4e5efa828aee6d84034fdf7bc2bd4efcb5ec78014aa493",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/00ed74576024ab3d2b4e5efa828aee6d84034fdf7bc2bd4efcb5ec78014aa493/analysis/1505143373/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/00ed74576024ab3d2b4e5efa828aee6d84034fdf7bc2bd4efcb5ec78014aa493"
},
{
"date": "09/11/2017 14:35:01",
"source": "cowrie 159.203.x.x",
"name": "643ff2c81afa2779d171e44635f3d24ecea9dc2f34323ce58896f9affadc5025",
"hash": "643ff2c81afa2779d171e44635f3d24ecea9dc2f34323ce58896f9affadc5025",
"type": "Zip archive data, at least v1.0 to extract",
"classification": "HackTool.Linux.Sshbru.i",
"virustotal": "https://www.virustotal.com/file/643ff2c81afa2779d171e44635f3d24ecea9dc2f34323ce58896f9affadc5025/analysis/1504697067/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/643ff2c81afa2779d171e44635f3d24ecea9dc2f34323ce58896f9affadc5025"
},
{
"date": "09/11/2017 14:30:01",
"source": "cowrie 159.203.x.x",
"name": "01e5fd09290c33b668a86feb7eccf3d43b853181cd829827f79e4ce0d1ed4a8d",
"hash": "01e5fd09290c33b668a86feb7eccf3d43b853181cd829827f79e4ce0d1ed4a8d",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.4404D389",
"virustotal": "https://www.virustotal.com/file/01e5fd09290c33b668a86feb7eccf3d43b853181cd829827f79e4ce0d1ed4a8d/analysis/1504897567/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/01e5fd09290c33b668a86feb7eccf3d43b853181cd829827f79e4ce0d1ed4a8d"
},
{
"date": "09/11/2017 12:00:01",
"source": "deonaea 192.241.x.x",
"name": "d21f48ba215faa68388323950b2edcc2",
"hash": "23e6483293dd63bb12c3fe2050fe47fc0c534954a0989acfc2bdfebd4e9dd9d2",
"type": "PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows",
"classification": "Gen:Trojan.Heur.ny3@vaebXVd",
"virustotal": "https://www.virustotal.com/file/23e6483293dd63bb12c3fe2050fe47fc0c534954a0989acfc2bdfebd4e9dd9d2/analysis/1505095169/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d21f48ba215faa68388323950b2edcc2"
},
{
"date": "09/11/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "0b815c78b35b225de247568a47ce5e7ef8066807da43b1f5e7938854777a2267",
"hash": "0b815c78b35b225de247568a47ce5e7ef8066807da43b1f5e7938854777a2267",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.B5F0C5A4",
"virustotal": "https://www.virustotal.com/file/0b815c78b35b225de247568a47ce5e7ef8066807da43b1f5e7938854777a2267/analysis/1504885411/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0b815c78b35b225de247568a47ce5e7ef8066807da43b1f5e7938854777a2267"
},
{
"date": "09/11/2017 02:00:01",
"source": "cowrie 159.203.x.x",
"name": "5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232",
"hash": "5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped",
"classification": "Trojan.Linux.PNScan.A",
"virustotal": "https://www.virustotal.com/file/5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232/analysis/1505008421/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232"
},
{
"date": "09/11/2017 01:35:01",
"source": "cowrie 159.203.x.x",
"name": "5dd90418f0251a7b1245c56428b4f7d47a99276ad388965bad7eceb85e14365b",
"hash": "5dd90418f0251a7b1245c56428b4f7d47a99276ad388965bad7eceb85e14365b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.DDBD052B",
"virustotal": "https://www.virustotal.com/file/5dd90418f0251a7b1245c56428b4f7d47a99276ad388965bad7eceb85e14365b/analysis/1505095211/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5dd90418f0251a7b1245c56428b4f7d47a99276ad388965bad7eceb85e14365b"
},
{
"date": "09/11/2017 00:30:02",
"source": "cowrie 159.203.x.x",
"name": "871eccd0efee4c73a09d6d0d5f870d137de3480a156bb7a84fa4736fd33104ab",
"hash": "871eccd0efee4c73a09d6d0d5f870d137de3480a156bb7a84fa4736fd33104ab",
"type": "a /usr/bin/perl script executable (binary data)",
"classification": "Backdoor.Perl.Shellbot.F",
"virustotal": "https://www.virustotal.com/file/871eccd0efee4c73a09d6d0d5f870d137de3480a156bb7a84fa4736fd33104ab/analysis/1503932767/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/871eccd0efee4c73a09d6d0d5f870d137de3480a156bb7a84fa4736fd33104ab"
},
{
"date": "09/11/2017 00:25:01",
"source": "deonaea 192.241.x.x",
"name": "68e02e825f6428f662baa9d924c9a9f0",
"hash": "0db4173dc5f638f83a3cd6a34538a6423c92bcba40b51a86fa0c3cb77d11a131",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Dropper.135",
"virustotal": "https://www.virustotal.com/file/0db4173dc5f638f83a3cd6a34538a6423c92bcba40b51a86fa0c3cb77d11a131/analysis/1505052687/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/68e02e825f6428f662baa9d924c9a9f0"
},
{
"date": "09/10/2017 16:45:01",
"source": "deonaea 192.241.x.x",
"name": "f3a2d53ab77c32b5b672f599f07c51ba",
"hash": "49e35e566b9b848ef0d355220dfd9ded4305d4638d001bc27258af76cb7cec0d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/49e35e566b9b848ef0d355220dfd9ded4305d4638d001bc27258af76cb7cec0d/analysis/1505037627/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f3a2d53ab77c32b5b672f599f07c51ba"
},
{
"date": "09/10/2017 15:55:01",
"source": "deonaea 192.241.x.x",
"name": "0739c5a3cdd8d06bd9d6c18a8766d006",
"hash": "0bbbe3a0c8527a821db6bb7cd97e6d71aa8807b36cd19ccda451224442756b27",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/0bbbe3a0c8527a821db6bb7cd97e6d71aa8807b36cd19ccda451224442756b27/analysis/1505058784/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0739c5a3cdd8d06bd9d6c18a8766d006"
},
{
"date": "09/10/2017 10:30:01",
"source": "cowrie 159.203.x.x",
"name": "28dc1499fca0202df4d5306681145e910c5c00cb6fd34244ecb5bbc4b8633cbe",
"hash": "28dc1499fca0202df4d5306681145e910c5c00cb6fd34244ecb5bbc4b8633cbe",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.23101FD4",
"virustotal": "https://www.virustotal.com/file/28dc1499fca0202df4d5306681145e910c5c00cb6fd34244ecb5bbc4b8633cbe/analysis/1505039411/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/28dc1499fca0202df4d5306681145e910c5c00cb6fd34244ecb5bbc4b8633cbe"
},
{
"date": "09/10/2017 08:45:01",
"source": "cowrie 159.203.x.x",
"name": "83219331d340ce16ffbf1de5c8b9b18fcbf5587603150d3ada1672f1bff5068b",
"hash": "83219331d340ce16ffbf1de5c8b9b18fcbf5587603150d3ada1672f1bff5068b",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/83219331d340ce16ffbf1de5c8b9b18fcbf5587603150d3ada1672f1bff5068b/analysis/1505032224/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/83219331d340ce16ffbf1de5c8b9b18fcbf5587603150d3ada1672f1bff5068b"
},
{
"date": "09/10/2017 08:15:01",
"source": "cowrie 159.203.x.x",
"name": "0fd403a7e9b82ad4b71d1efe02c4b3790e3445f6e6ac39ba9e13f0ea6414091d",
"hash": "0fd403a7e9b82ad4b71d1efe02c4b3790e3445f6e6ac39ba9e13f0ea6414091d",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/0fd403a7e9b82ad4b71d1efe02c4b3790e3445f6e6ac39ba9e13f0ea6414091d/analysis/1505032206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0fd403a7e9b82ad4b71d1efe02c4b3790e3445f6e6ac39ba9e13f0ea6414091d"
},
{
"date": "09/10/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "9bb350ee7f72e528918b4ef75de64c2d4935e570fbb9ca194879d60902a88719",
"hash": "9bb350ee7f72e528918b4ef75de64c2d4935e570fbb9ca194879d60902a88719",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.083103DB",
"virustotal": "https://www.virustotal.com/file/9bb350ee7f72e528918b4ef75de64c2d4935e570fbb9ca194879d60902a88719/analysis/1505010652/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9bb350ee7f72e528918b4ef75de64c2d4935e570fbb9ca194879d60902a88719"
},
{
"date": "09/10/2017 02:45:01",
"source": "cowrie 159.203.x.x",
"name": "c02d8ba1e0910204e282f36e31dc2cdce27b21052502c17ba6b858898a8d5925",
"hash": "c02d8ba1e0910204e282f36e31dc2cdce27b21052502c17ba6b858898a8d5925",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/c02d8ba1e0910204e282f36e31dc2cdce27b21052502c17ba6b858898a8d5925/analysis/1504534536/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c02d8ba1e0910204e282f36e31dc2cdce27b21052502c17ba6b858898a8d5925"
},
{
"date": "09/10/2017 02:15:01",
"source": "cowrie 159.203.x.x",
"name": "90fd578040f184716245d6cf8cd5d56c2d561175749fe9b07574d662d786a9d4",
"hash": "90fd578040f184716245d6cf8cd5d56c2d561175749fe9b07574d662d786a9d4",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.9CB3EF3C",
"virustotal": "https://www.virustotal.com/file/90fd578040f184716245d6cf8cd5d56c2d561175749fe9b07574d662d786a9d4/analysis/1505009706/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/90fd578040f184716245d6cf8cd5d56c2d561175749fe9b07574d662d786a9d4"
},
{
"date": "09/09/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "aad89639064b44e35d1562c271435da358f8d7374e4f0367a43fbf512a344d9f",
"hash": "aad89639064b44e35d1562c271435da358f8d7374e4f0367a43fbf512a344d9f",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.D6459D7B",
"virustotal": "https://www.virustotal.com/file/aad89639064b44e35d1562c271435da358f8d7374e4f0367a43fbf512a344d9f/analysis/1504890006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/aad89639064b44e35d1562c271435da358f8d7374e4f0367a43fbf512a344d9f"
},
{
"date": "09/09/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "94445f369ab2d2dfd7e49f8f9684923f704f2e02ba39f172c19827732f3ff896",
"hash": "94445f369ab2d2dfd7e49f8f9684923f704f2e02ba39f172c19827732f3ff896",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.99561BA1",
"virustotal": "https://www.virustotal.com/file/94445f369ab2d2dfd7e49f8f9684923f704f2e02ba39f172c19827732f3ff896/analysis/1504926243/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/94445f369ab2d2dfd7e49f8f9684923f704f2e02ba39f172c19827732f3ff896"
},
{
"date": "09/09/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "596cb9438341ff88e30427a6e0c2c331d30505b6ae89e889ecbfbd68558a3574",
"hash": "596cb9438341ff88e30427a6e0c2c331d30505b6ae89e889ecbfbd68558a3574",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.B43C0E42",
"virustotal": "https://www.virustotal.com/file/596cb9438341ff88e30427a6e0c2c331d30505b6ae89e889ecbfbd68558a3574/analysis/1504873846/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/596cb9438341ff88e30427a6e0c2c331d30505b6ae89e889ecbfbd68558a3574"
},
{
"date": "09/09/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "3ae6d7e742889f749a87de38eca2c04f62939f0c15ffe113f0d0d4faa778eeab",
"hash": "3ae6d7e742889f749a87de38eca2c04f62939f0c15ffe113f0d0d4faa778eeab",
"type": "MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Fri Sep 8 20:30:51 2017, mtime=Fri Sep 8 20:24:57 2017, atime=Thu Feb 2 09:34:39 2017, length=1980, window=hide",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/3ae6d7e742889f749a87de38eca2c04f62939f0c15ffe113f0d0d4faa778eeab/analysis/1504956607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3ae6d7e742889f749a87de38eca2c04f62939f0c15ffe113f0d0d4faa778eeab"
},
{
"date": "09/09/2017 22:30:01",
"source": "cowrie 159.203.x.x",
"name": "ff539489db1657d947017626e35b9d451d9ec93231affd150f32d6f3dc444876",
"hash": "ff539489db1657d947017626e35b9d451d9ec93231affd150f32d6f3dc444876",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.B1966097",
"virustotal": "https://www.virustotal.com/file/ff539489db1657d947017626e35b9d451d9ec93231affd150f32d6f3dc444876/analysis/1504873806/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ff539489db1657d947017626e35b9d451d9ec93231affd150f32d6f3dc444876"
},
{
"date": "09/09/2017 22:00:01",
"source": "cowrie 159.203.x.x",
"name": "1df552b2113d2c122f3adf1921ff461197eacda4c1f4ea04d970ffc1cf45eaf6",
"hash": "1df552b2113d2c122f3adf1921ff461197eacda4c1f4ea04d970ffc1cf45eaf6",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.08435C19",
"virustotal": "https://www.virustotal.com/file/1df552b2113d2c122f3adf1921ff461197eacda4c1f4ea04d970ffc1cf45eaf6/analysis/1504980918/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1df552b2113d2c122f3adf1921ff461197eacda4c1f4ea04d970ffc1cf45eaf6"
},
{
"date": "09/09/2017 22:00:01",
"source": "cowrie 159.203.x.x",
"name": "00268b762f9be5d53621ff104360984eb060f2c423ddcffa2f9d241aa3a0a2b4",
"hash": "00268b762f9be5d53621ff104360984eb060f2c423ddcffa2f9d241aa3a0a2b4",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/00268b762f9be5d53621ff104360984eb060f2c423ddcffa2f9d241aa3a0a2b4/analysis/1502736254/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/00268b762f9be5d53621ff104360984eb060f2c423ddcffa2f9d241aa3a0a2b4"
},
{
"date": "09/09/2017 21:30:01",
"source": "cowrie 159.203.x.x",
"name": "6838666eee68fe3c2748bdc479d91637703af93685dcc6d55f093c71242f63f8",
"hash": "6838666eee68fe3c2748bdc479d91637703af93685dcc6d55f093c71242f63f8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.460FAFD0",
"virustotal": "https://www.virustotal.com/file/6838666eee68fe3c2748bdc479d91637703af93685dcc6d55f093c71242f63f8/analysis/1504565466/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6838666eee68fe3c2748bdc479d91637703af93685dcc6d55f093c71242f63f8"
},
{
"date": "09/09/2017 20:45:01",
"source": "deonaea 159.203.x.x",
"name": "7afb58303af371677102625566f8c4a9",
"hash": "8e647586c9980115fdbb250cd35a9bcfe80288800decfb116915fb8e8652c953",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.187320",
"virustotal": "https://www.virustotal.com/file/8e647586c9980115fdbb250cd35a9bcfe80288800decfb116915fb8e8652c953/analysis/1504886532/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7afb58303af371677102625566f8c4a9"
},
{
"date": "09/09/2017 20:05:01",
"source": "cowrie 159.203.x.x",
"name": "bc678a1cd5ee98e67d081a0508b77a3408d690955fbb987f2460d815fb95fc94",
"hash": "bc678a1cd5ee98e67d081a0508b77a3408d690955fbb987f2460d815fb95fc94",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3AE15C40",
"virustotal": "https://www.virustotal.com/file/bc678a1cd5ee98e67d081a0508b77a3408d690955fbb987f2460d815fb95fc94/analysis/1504887328/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bc678a1cd5ee98e67d081a0508b77a3408d690955fbb987f2460d815fb95fc94"
},
{
"date": "09/09/2017 19:45:01",
"source": "deonaea 192.241.x.x",
"name": "e8c5ced2ac108832e1e78779f3a5acd4",
"hash": "4af6314e12905ccba0c96e65f976a2bc00254843963177175d5bdaf8c76c5fac",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.290074",
"virustotal": "https://www.virustotal.com/file/4af6314e12905ccba0c96e65f976a2bc00254843963177175d5bdaf8c76c5fac/analysis/1504975235/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e8c5ced2ac108832e1e78779f3a5acd4"
},
{
"date": "09/09/2017 19:30:01",
"source": "cowrie 159.203.x.x",
"name": "20170909192846_5b0008a37059_0_http___145_239_72_250_cunty_sh",
"hash": "bc678a1cd5ee98e67d081a0508b77a3408d690955fbb987f2460d815fb95fc94",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3AE15C40",
"virustotal": "https://www.virustotal.com/file/bc678a1cd5ee98e67d081a0508b77a3408d690955fbb987f2460d815fb95fc94/analysis/1504887328/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170909192846_5b0008a37059_0_http___145_239_72_250_cunty_sh"
},
{
"date": "09/09/2017 18:00:01",
"source": "deonaea 192.241.x.x",
"name": "f671d23d45ca06e64d8e4c801254a19c",
"hash": "a3486a4162e45b9ff72d6b885daf7ce14d79183747b95242170b74103f0f4911",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.GenericKD.5954824",
"virustotal": "https://www.virustotal.com/file/a3486a4162e45b9ff72d6b885daf7ce14d79183747b95242170b74103f0f4911/analysis/1504939704/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f671d23d45ca06e64d8e4c801254a19c"
},
{
"date": "09/09/2017 07:20:02",
"source": "deonaea 159.203.x.x",
"name": "eeeb30dec0463a62f855d2e24994a78f",
"hash": "1a37036f001636c157552e5c79ad1823c447b2eef1898e26e7fe177e37d7ef6a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.38095",
"virustotal": "https://www.virustotal.com/file/1a37036f001636c157552e5c79ad1823c447b2eef1898e26e7fe177e37d7ef6a/analysis/1504901930/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eeeb30dec0463a62f855d2e24994a78f"
},
{
"date": "09/09/2017 07:20:02",
"source": "deonaea 159.203.x.x",
"name": "e75c86b059137bc4ab2c0078898790e9",
"hash": "b2382a8b377c75c1db0d9e08e0f0742ca3e1754946413291959ce973bbda9303",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Strictor.144311",
"virustotal": "https://www.virustotal.com/file/b2382a8b377c75c1db0d9e08e0f0742ca3e1754946413291959ce973bbda9303/analysis/1504937963/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e75c86b059137bc4ab2c0078898790e9"
},
{
"date": "09/09/2017 03:30:01",
"source": "cowrie 159.203.x.x",
"name": "1152c1cf5f111c9a4971105e932e2e2ec4a292c3da0cd5b0441d3274924ac4fe",
"hash": "1152c1cf5f111c9a4971105e932e2e2ec4a292c3da0cd5b0441d3274924ac4fe",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.4D0F92F7",
"virustotal": "https://www.virustotal.com/file/1152c1cf5f111c9a4971105e932e2e2ec4a292c3da0cd5b0441d3274924ac4fe/analysis/1504926017/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1152c1cf5f111c9a4971105e932e2e2ec4a292c3da0cd5b0441d3274924ac4fe"
},
{
"date": "09/09/2017 02:30:01",
"source": "cowrie 159.203.x.x",
"name": "414dab159c31825056fd65fdefe5c58a21198d42a470fb21e5f46c3c8513b8fe",
"hash": "414dab159c31825056fd65fdefe5c58a21198d42a470fb21e5f46c3c8513b8fe",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.568C63D1",
"virustotal": "https://www.virustotal.com/file/414dab159c31825056fd65fdefe5c58a21198d42a470fb21e5f46c3c8513b8fe/analysis/1504562200/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/414dab159c31825056fd65fdefe5c58a21198d42a470fb21e5f46c3c8513b8fe"
},
{
"date": "09/09/2017 01:30:01",
"source": "deonaea 159.203.x.x",
"name": "ed64809b8d2ae44b98266a8e7009b767",
"hash": "aa05e85bcb2db0df54f4bbe9023e77ecb96a721abefea8f6c8a5c1406e2492e8",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Trojan.Agent.CASE",
"virustotal": "https://www.virustotal.com/file/aa05e85bcb2db0df54f4bbe9023e77ecb96a721abefea8f6c8a5c1406e2492e8/analysis/1497570067/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ed64809b8d2ae44b98266a8e7009b767"
},
{
"date": "09/09/2017 01:30:01",
"source": "deonaea 159.203.x.x",
"name": "eb3e131b337941e07dcdd51b1e04124d",
"hash": "a37c110e262a7e4773d31f17ff9e8c3780727ec11c5e2d35af32e908efc19f72",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Win32:Trojan-gen",
"virustotal": "https://www.virustotal.com/file/a37c110e262a7e4773d31f17ff9e8c3780727ec11c5e2d35af32e908efc19f72/analysis/1504912838/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eb3e131b337941e07dcdd51b1e04124d"
},
{
"date": "09/09/2017 00:25:01",
"source": "cowrie 159.203.x.x",
"name": "c463ce22cf967adfa49cb8d61cd7524a15b1bec71b6ed567dbc0d05932084e1f",
"hash": "c463ce22cf967adfa49cb8d61cd7524a15b1bec71b6ed567dbc0d05932084e1f",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.04317532",
"virustotal": "https://www.virustotal.com/file/c463ce22cf967adfa49cb8d61cd7524a15b1bec71b6ed567dbc0d05932084e1f/analysis/1504641904/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c463ce22cf967adfa49cb8d61cd7524a15b1bec71b6ed567dbc0d05932084e1f"
},
{
"date": "09/08/2017 19:01:42",
"source": "deonaea 192.241.x.x",
"name": "1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723",
"hash": "1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723",
"type": "ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, stripped",
"classification": "HEUR:Trojan.Linux.Agent.dt",
"virustotal": "https://www.virustotal.com/file/1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723/analysis/1504807093/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723"
},
{
"date": "09/08/2017 16:10:01",
"source": "deonaea 159.203.x.x",
"name": "eb081008a815aa18f41d3ce72d1e78bf",
"hash": "ad4b809bbbaaebf1c23fd87ee6f8072c18bbe8bdfc0fdf6297b898896bc2854b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.FB5378D4",
"virustotal": "https://www.virustotal.com/file/ad4b809bbbaaebf1c23fd87ee6f8072c18bbe8bdfc0fdf6297b898896bc2854b/analysis/1504888291/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eb081008a815aa18f41d3ce72d1e78bf"
},
{
"date": "09/08/2017 16:10:01",
"source": "deonaea 159.203.x.x",
"name": "be7c41e32ac300293516aa44db2429b8",
"hash": "5671ad480776b06c298a5ec14d50d6a41be9a5aa7492cff62c22605cd2509235",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/5671ad480776b06c298a5ec14d50d6a41be9a5aa7492cff62c22605cd2509235/analysis/1504888249/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/be7c41e32ac300293516aa44db2429b8"
},
{
"date": "09/08/2017 16:10:01",
"source": "deonaea 159.203.x.x",
"name": "a7258abe54185fa9651fd4c0ac03fefa",
"hash": "16571e6da1e5261d7a97e8f1bddd953dd2cb4e94cf67e378376521ef675fa6f7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/16571e6da1e5261d7a97e8f1bddd953dd2cb4e94cf67e378376521ef675fa6f7/analysis/1504888207/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a7258abe54185fa9651fd4c0ac03fefa"
},
{
"date": "09/08/2017 15:00:01",
"source": "deonaea 159.203.x.x",
"name": "844290834b6450425b146d4517cdf780",
"hash": "303a36a13238eaaa8ac4241252225db319f47d4f12567084dc2e1c08c98e4c90",
"type": "ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, stripped",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/303a36a13238eaaa8ac4241252225db319f47d4f12567084dc2e1c08c98e4c90/analysis/1502696370/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/844290834b6450425b146d4517cdf780"
},
{
"date": "09/08/2017 02:30:01",
"source": "cowrie 159.203.x.x",
"name": "3d3297dc4cea77a1f09bf35f767ba847807864a82b7b869b6a7bde413bc12750",
"hash": "3d3297dc4cea77a1f09bf35f767ba847807864a82b7b869b6a7bde413bc12750",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.3259F9B0",
"virustotal": "https://www.virustotal.com/file/3d3297dc4cea77a1f09bf35f767ba847807864a82b7b869b6a7bde413bc12750/analysis/1504668606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3d3297dc4cea77a1f09bf35f767ba847807864a82b7b869b6a7bde413bc12750"
},
{
"date": "09/08/2017 02:00:01",
"source": "cowrie 159.203.x.x",
"name": "a080a5f4adfe00dbc9d5a4d75e897e882e9e3a70bed253824a5221ce15a050a0",
"hash": "a080a5f4adfe00dbc9d5a4d75e897e882e9e3a70bed253824a5221ce15a050a0",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.9D56CEEB",
"virustotal": "https://www.virustotal.com/file/a080a5f4adfe00dbc9d5a4d75e897e882e9e3a70bed253824a5221ce15a050a0/analysis/1504818048/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a080a5f4adfe00dbc9d5a4d75e897e882e9e3a70bed253824a5221ce15a050a0"
},
{
"date": "09/07/2017 21:05:01",
"source": "deonaea 159.203.x.x",
"name": "25c7cc5b578cf167590fa8cd194b9bea",
"hash": "124e282b9eba42164c898d49ff5570c935b11202ca906f56d0881a3e63e4a6c7",
"type": "PE32 executable (console) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Zusy.254911",
"virustotal": "https://www.virustotal.com/file/124e282b9eba42164c898d49ff5570c935b11202ca906f56d0881a3e63e4a6c7/analysis/1504802523/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/25c7cc5b578cf167590fa8cd194b9bea"
},
{
"date": "09/07/2017 20:45:02",
"source": "cowrie 159.203.x.x",
"name": "0ee3a4becf324ad8a8c3a22207c98e281b63229328c973ba54bd2852e949a3b5",
"hash": "0ee3a4becf324ad8a8c3a22207c98e281b63229328c973ba54bd2852e949a3b5",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.478CC430",
"virustotal": "https://www.virustotal.com/file/0ee3a4becf324ad8a8c3a22207c98e281b63229328c973ba54bd2852e949a3b5/analysis/1504818006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0ee3a4becf324ad8a8c3a22207c98e281b63229328c973ba54bd2852e949a3b5"
},
{
"date": "09/07/2017 15:00:01",
"source": "deonaea 192.241.x.x",
"name": "a6a3fae657dc4cba24535a9ceb736f0b",
"hash": "2ef5fe76cc60f45e2a99b14365a8b5826d74cdffb87b9e1a607016b59c64b14b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.38095",
"virustotal": "https://www.virustotal.com/file/2ef5fe76cc60f45e2a99b14365a8b5826d74cdffb87b9e1a607016b59c64b14b/analysis/1503604608/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a6a3fae657dc4cba24535a9ceb736f0b"
},
{
"date": "09/07/2017 15:00:01",
"source": "deonaea 192.241.x.x",
"name": "842829beabd59500f9bcc572b0b3c7bb",
"hash": "074aade813f3b41bfc1a8ce69cc2f12bb011d52c10412c233a2701a083c4c770",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Strictor.144311",
"virustotal": "https://www.virustotal.com/file/074aade813f3b41bfc1a8ce69cc2f12bb011d52c10412c233a2701a083c4c770/analysis/1504793366/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/842829beabd59500f9bcc572b0b3c7bb"
},
{
"date": "09/07/2017 14:55:01",
"source": "deonaea 192.241.x.x",
"name": "d2eed7ad7ad758a4c20960b3e93a3e20",
"hash": "154f1cdc15ab0f6d448b8ba256538826a29a06ff9494b0730d677a20d8461e6a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.38095",
"virustotal": "https://www.virustotal.com/file/154f1cdc15ab0f6d448b8ba256538826a29a06ff9494b0730d677a20d8461e6a/analysis/1504793546/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d2eed7ad7ad758a4c20960b3e93a3e20"
},
{
"date": "09/07/2017 14:10:02",
"source": "cowrie 159.203.x.x",
"name": "837eb283b6e077ff94a4c12870dcbdee1a040aced315f47c5a788a5ef7281466",
"hash": "837eb283b6e077ff94a4c12870dcbdee1a040aced315f47c5a788a5ef7281466",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.40947D5D",
"virustotal": "https://www.virustotal.com/file/837eb283b6e077ff94a4c12870dcbdee1a040aced315f47c5a788a5ef7281466/analysis/1504791918/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/837eb283b6e077ff94a4c12870dcbdee1a040aced315f47c5a788a5ef7281466"
},
{
"date": "09/07/2017 14:10:02",
"source": "cowrie 159.203.x.x",
"name": "1c6bf4041201b003f01235f4bd3083a29a11665c815c22e49bdf3126d93c79d7",
"hash": "1c6bf4041201b003f01235f4bd3083a29a11665c815c22e49bdf3126d93c79d7",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.EBD4565D",
"virustotal": "https://www.virustotal.com/file/1c6bf4041201b003f01235f4bd3083a29a11665c815c22e49bdf3126d93c79d7/analysis/1504793044/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1c6bf4041201b003f01235f4bd3083a29a11665c815c22e49bdf3126d93c79d7"
},
{
"date": "09/07/2017 11:25:01",
"source": "cowrie 159.203.x.x",
"name": "7f9655aefe174304dba3d369d3a8ca33dfd50eb2991ad969298191ba2b706432",
"hash": "7f9655aefe174304dba3d369d3a8ca33dfd50eb2991ad969298191ba2b706432",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.DA57B13F",
"virustotal": "https://www.virustotal.com/file/7f9655aefe174304dba3d369d3a8ca33dfd50eb2991ad969298191ba2b706432/analysis/1504537505/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7f9655aefe174304dba3d369d3a8ca33dfd50eb2991ad969298191ba2b706432"
},
{
"date": "09/07/2017 10:50:01",
"source": "cowrie 159.203.x.x",
"name": "20170907104958_edde7f6d9535_0_ftp___45_76_131_35_ftp1_sh",
"hash": "7f9655aefe174304dba3d369d3a8ca33dfd50eb2991ad969298191ba2b706432",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.DA57B13F",
"virustotal": "https://www.virustotal.com/file/7f9655aefe174304dba3d369d3a8ca33dfd50eb2991ad969298191ba2b706432/analysis/1504537505/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170907104958_edde7f6d9535_0_ftp___45_76_131_35_ftp1_sh"
},
{
"date": "09/07/2017 07:00:01",
"source": "cowrie 159.203.x.x",
"name": "b60309c8ed0986457ed60050bb221e681773c04aeb16fddbce07c87e95a7ff90",
"hash": "b60309c8ed0986457ed60050bb221e681773c04aeb16fddbce07c87e95a7ff90",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/b60309c8ed0986457ed60050bb221e681773c04aeb16fddbce07c87e95a7ff90/analysis/1504704148/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b60309c8ed0986457ed60050bb221e681773c04aeb16fddbce07c87e95a7ff90"
},
{
"date": "09/07/2017 07:00:01",
"source": "cowrie 159.203.x.x",
"name": "77684687e4b29f675a98ad3103ab5700d4e8e761dbf5ffd43cf03f50b50248a1",
"hash": "77684687e4b29f675a98ad3103ab5700d4e8e761dbf5ffd43cf03f50b50248a1",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/77684687e4b29f675a98ad3103ab5700d4e8e761dbf5ffd43cf03f50b50248a1/analysis/1504704148/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/77684687e4b29f675a98ad3103ab5700d4e8e761dbf5ffd43cf03f50b50248a1"
},
{
"date": "09/06/2017 18:00:01",
"source": "cowrie 159.203.x.x",
"name": "29d15e9772e4f4939b9686e3d721d1b73247c9a1803e5d179d9c73740d6b2dd1",
"hash": "29d15e9772e4f4939b9686e3d721d1b73247c9a1803e5d179d9c73740d6b2dd1",
"type": "Python script, UTF-8 Unicode text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/29d15e9772e4f4939b9686e3d721d1b73247c9a1803e5d179d9c73740d6b2dd1/analysis/1504720807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/29d15e9772e4f4939b9686e3d721d1b73247c9a1803e5d179d9c73740d6b2dd1"
},
{
"date": "09/06/2017 15:50:01",
"source": "deonaea 159.203.x.x",
"name": "b27d50112838f18dc50f88f40f7af09d",
"hash": "c078c0aec320623c59994f4de37068a5447ae5856bcce88f5250ad24d7d585b0",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.778BC530",
"virustotal": "https://www.virustotal.com/file/c078c0aec320623c59994f4de37068a5447ae5856bcce88f5250ad24d7d585b0/analysis/1504686259/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b27d50112838f18dc50f88f40f7af09d"
},
{
"date": "09/06/2017 07:20:01",
"source": "deonaea 192.241.x.x",
"name": "e0c9b706b33501c4eacfb11ea3ecc299",
"hash": "77e8361c05922c593414fe613b02cb00cd4d8989235f777a26aea267dbf64e24",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.252395",
"virustotal": "https://www.virustotal.com/file/77e8361c05922c593414fe613b02cb00cd4d8989235f777a26aea267dbf64e24/analysis/1504671450/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e0c9b706b33501c4eacfb11ea3ecc299"
},
{
"date": "09/06/2017 06:00:02",
"source": "cowrie 159.203.x.x",
"name": "e393f326fec79acaf23efe1eedca09429a6c092586d02d2629230f240efb0216",
"hash": "e393f326fec79acaf23efe1eedca09429a6c092586d02d2629230f240efb0216",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.912B5E4E",
"virustotal": "https://www.virustotal.com/file/e393f326fec79acaf23efe1eedca09429a6c092586d02d2629230f240efb0216/analysis/1504668631/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e393f326fec79acaf23efe1eedca09429a6c092586d02d2629230f240efb0216"
},
{
"date": "09/06/2017 05:05:01",
"source": "deonaea 192.241.x.x",
"name": "7a0e087457d980d162024a5e32459e19",
"hash": "dcc946703ce41e5a57cd88a56fe21ef93f8744e949c1e0e31a7aece0c6fa8d82",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.260915",
"virustotal": "https://www.virustotal.com/file/dcc946703ce41e5a57cd88a56fe21ef93f8744e949c1e0e31a7aece0c6fa8d82/analysis/1504603585/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7a0e087457d980d162024a5e32459e19"
},
{
"date": "09/06/2017 03:45:01",
"source": "cowrie 159.203.x.x",
"name": "273cf94d3e83df271c8ece71952a0e5d9b884701eb0feffc1f60eaa949668f56",
"hash": "273cf94d3e83df271c8ece71952a0e5d9b884701eb0feffc1f60eaa949668f56",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.C9704CF4",
"virustotal": "https://www.virustotal.com/file/273cf94d3e83df271c8ece71952a0e5d9b884701eb0feffc1f60eaa949668f56/analysis/1504669527/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/273cf94d3e83df271c8ece71952a0e5d9b884701eb0feffc1f60eaa949668f56"
},
{
"date": "09/05/2017 22:45:02",
"source": "deonaea 192.241.x.x",
"name": "9d3b536bdacac3e96e4be454e2bc0416",
"hash": "7febe84e9c0a846ea6bd1483b4edb517222db23f2785cbba45847cc4d484b903",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/7febe84e9c0a846ea6bd1483b4edb517222db23f2785cbba45847cc4d484b903/analysis/1504573094/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9d3b536bdacac3e96e4be454e2bc0416"
},
{
"date": "09/05/2017 22:45:02",
"source": "deonaea 192.241.x.x",
"name": "30105ab4f90bc3ace18263c8c8de68e8",
"hash": "dc88582bbdf0a165140ccf6ac094e57e32fe880acb70d72bf3e9bd661c3d4b37",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Win32.NetworkWorm.cmKfae2UFfhb",
"virustotal": "https://www.virustotal.com/file/dc88582bbdf0a165140ccf6ac094e57e32fe880acb70d72bf3e9bd661c3d4b37/analysis/1504651364/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/30105ab4f90bc3ace18263c8c8de68e8"
},
{
"date": "09/05/2017 22:30:01",
"source": "cowrie 159.203.x.x",
"name": "c982ecb0b6f8f314c8398d91be0c37b31946a94cbb6f5cce834efb44a0670478",
"hash": "c982ecb0b6f8f314c8398d91be0c37b31946a94cbb6f5cce834efb44a0670478",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.2E3F3D71",
"virustotal": "https://www.virustotal.com/file/c982ecb0b6f8f314c8398d91be0c37b31946a94cbb6f5cce834efb44a0670478/analysis/1504537504/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c982ecb0b6f8f314c8398d91be0c37b31946a94cbb6f5cce834efb44a0670478"
},
{
"date": "09/05/2017 00:45:01",
"source": "deonaea 159.203.x.x",
"name": "2ffea1dbaa2d9bf024d7f79e994af97b",
"hash": "8df288dc9ded0d1014257bab891aef12b59c3d80f1e1c3f12936899a38295df5",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.247887",
"virustotal": "https://www.virustotal.com/file/8df288dc9ded0d1014257bab891aef12b59c3d80f1e1c3f12936899a38295df5/analysis/1504435184/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2ffea1dbaa2d9bf024d7f79e994af97b"
},
{
"date": "08/31/2017 05:00:01",
"source": "cowrie 159.203.x.x",
"name": "baf219077fc0353cb161a54cb04ce85e8ab2a2b107ff293d78c69a8880b65c0e",
"hash": "baf219077fc0353cb161a54cb04ce85e8ab2a2b107ff293d78c69a8880b65c0e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.29E762F4",
"virustotal": "https://www.virustotal.com/file/baf219077fc0353cb161a54cb04ce85e8ab2a2b107ff293d78c69a8880b65c0e/analysis/1504040432/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/baf219077fc0353cb161a54cb04ce85e8ab2a2b107ff293d78c69a8880b65c0e"
},
{
"date": "08/30/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "81118e5a27c142cbd98c48d022eb6cf09b9c60bfe8563bf222fec635545c02a7",
"hash": "81118e5a27c142cbd98c48d022eb6cf09b9c60bfe8563bf222fec635545c02a7",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F2615B6B",
"virustotal": "https://www.virustotal.com/file/81118e5a27c142cbd98c48d022eb6cf09b9c60bfe8563bf222fec635545c02a7/analysis/1503882051/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/81118e5a27c142cbd98c48d022eb6cf09b9c60bfe8563bf222fec635545c02a7"
},
{
"date": "08/30/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "79dc55aabfd81f5a47e4e515a34564e92b537c78fab794fe145c7c061152761c",
"hash": "79dc55aabfd81f5a47e4e515a34564e92b537c78fab794fe145c7c061152761c",
"type": "Windows desktop.ini, ASCII text, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/79dc55aabfd81f5a47e4e515a34564e92b537c78fab794fe145c7c061152761c/analysis/1471239976/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/79dc55aabfd81f5a47e4e515a34564e92b537c78fab794fe145c7c061152761c"
},
{
"date": "08/30/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "72c97c886ca018a9c3b4ded3d1404ec4254821e04483ae5f9dd4727a7534e53b",
"hash": "72c97c886ca018a9c3b4ded3d1404ec4254821e04483ae5f9dd4727a7534e53b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.68D865EB",
"virustotal": "https://www.virustotal.com/file/72c97c886ca018a9c3b4ded3d1404ec4254821e04483ae5f9dd4727a7534e53b/analysis/1503882009/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/72c97c886ca018a9c3b4ded3d1404ec4254821e04483ae5f9dd4727a7534e53b"
},
{
"date": "08/30/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "047f4b506b577a00af751ec96b5add04dbd8cf383a058c2ee59dd3af63fd8770",
"hash": "047f4b506b577a00af751ec96b5add04dbd8cf383a058c2ee59dd3af63fd8770",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.EAAB1874",
"virustotal": "https://www.virustotal.com/file/047f4b506b577a00af751ec96b5add04dbd8cf383a058c2ee59dd3af63fd8770/analysis/1504074937/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/047f4b506b577a00af751ec96b5add04dbd8cf383a058c2ee59dd3af63fd8770"
},
{
"date": "08/30/2017 21:00:01",
"source": "cowrie 159.203.x.x",
"name": "f6064f426c93e4bfb3f319b2017d68e5780c7861d49a595d6ce4beb5274bc3fe",
"hash": "f6064f426c93e4bfb3f319b2017d68e5780c7861d49a595d6ce4beb5274bc3fe",
"type": "ASCII text",
"classification": "Trojan.GenericKD.12000009",
"virustotal": "https://www.virustotal.com/file/f6064f426c93e4bfb3f319b2017d68e5780c7861d49a595d6ce4beb5274bc3fe/analysis/1504010858/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f6064f426c93e4bfb3f319b2017d68e5780c7861d49a595d6ce4beb5274bc3fe"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "87b77dd3395cd2e600daa903a5a42c7e6a1ac0b7ec1188fbf17db3b0e04d9779",
"hash": "87b77dd3395cd2e600daa903a5a42c7e6a1ac0b7ec1188fbf17db3b0e04d9779",
"type": "ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=88b4c888254a47cd925435a02976635cb044fd48, not stripped",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/87b77dd3395cd2e600daa903a5a42c7e6a1ac0b7ec1188fbf17db3b0e04d9779"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "5ebb44b2b77a3035b6a476334a779aa5e29013283b7b93e08d0497b3e20c3701",
"hash": "5ebb44b2b77a3035b6a476334a779aa5e29013283b7b93e08d0497b3e20c3701",
"type": "Bourne-Again shell script, ISO-8859 text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5ebb44b2b77a3035b6a476334a779aa5e29013283b7b93e08d0497b3e20c3701"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "527d0d6a6373df66ad1e3bc888d9af1bbfd01714574b843e4d585528f66d90b2",
"hash": "527d0d6a6373df66ad1e3bc888d9af1bbfd01714574b843e4d585528f66d90b2",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/527d0d6a6373df66ad1e3bc888d9af1bbfd01714574b843e4d585528f66d90b2"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "40f409155247f82e67f5c0e4f844e5f379cbd59bc10effac0f0283b83e61961e",
"hash": "40f409155247f82e67f5c0e4f844e5f379cbd59bc10effac0f0283b83e61961e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/40f409155247f82e67f5c0e4f844e5f379cbd59bc10effac0f0283b83e61961e"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "317aff19f01b6821906410784f5719669f451539ccf343b4883667569dc4d084",
"hash": "317aff19f01b6821906410784f5719669f451539ccf343b4883667569dc4d084",
"type": "a /usr/bin/perl script, UTF-8 Unicode text executable, with escape sequences",
"classification": "Trojan.Hacktool.Flood.A",
"virustotal": "https://www.virustotal.com/file/317aff19f01b6821906410784f5719669f451539ccf343b4883667569dc4d084/analysis/1462283148/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/317aff19f01b6821906410784f5719669f451539ccf343b4883667569dc4d084"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "2413af510a75ada34716165992a425b35f62ba1478f63746502afd8a8a156b80",
"hash": "2413af510a75ada34716165992a425b35f62ba1478f63746502afd8a8a156b80",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.0.0, stripped",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/2413af510a75ada34716165992a425b35f62ba1478f63746502afd8a8a156b80/analysis/1503569752/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2413af510a75ada34716165992a425b35f62ba1478f63746502afd8a8a156b80"
},
{
"date": "08/30/2017 20:50:01",
"source": "cowrie 159.203.x.x",
"name": "0a003a7989f5d4ba6e6c20455b13cd42e12000472b82378a5a9734672a62ba3e",
"hash": "0a003a7989f5d4ba6e6c20455b13cd42e12000472b82378a5a9734672a62ba3e",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.16, stripped",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0a003a7989f5d4ba6e6c20455b13cd42e12000472b82378a5a9734672a62ba3e"
},
{
"date": "08/30/2017 20:30:01",
"source": "cowrie 159.203.x.x",
"name": "b1e3ead6c4f93b7fb3a33c3cf74c4c3aa1f1a5723689dab050f8cc0d66dd9ab3",
"hash": "b1e3ead6c4f93b7fb3a33c3cf74c4c3aa1f1a5723689dab050f8cc0d66dd9ab3",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.B4D6CAB9",
"virustotal": "https://www.virustotal.com/file/b1e3ead6c4f93b7fb3a33c3cf74c4c3aa1f1a5723689dab050f8cc0d66dd9ab3/analysis/1504108823/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b1e3ead6c4f93b7fb3a33c3cf74c4c3aa1f1a5723689dab050f8cc0d66dd9ab3"
},
{
"date": "08/30/2017 20:30:01",
"source": "cowrie 159.203.x.x",
"name": "a36a60dd93e01e6cf0bde6b5e4898e81fccde78825d3a529b6238958d826fd3d",
"hash": "a36a60dd93e01e6cf0bde6b5e4898e81fccde78825d3a529b6238958d826fd3d",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.0A00D346",
"virustotal": "https://www.virustotal.com/file/a36a60dd93e01e6cf0bde6b5e4898e81fccde78825d3a529b6238958d826fd3d/analysis/1504008036/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a36a60dd93e01e6cf0bde6b5e4898e81fccde78825d3a529b6238958d826fd3d"
},
{
"date": "08/30/2017 20:30:01",
"source": "cowrie 159.203.x.x",
"name": "8e854ec00360f228c2e73b0b846ee31f01679e95776faaa6286e42ca2fc23cba",
"hash": "8e854ec00360f228c2e73b0b846ee31f01679e95776faaa6286e42ca2fc23cba",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.6B941E60",
"virustotal": "https://www.virustotal.com/file/8e854ec00360f228c2e73b0b846ee31f01679e95776faaa6286e42ca2fc23cba/analysis/1503818922/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8e854ec00360f228c2e73b0b846ee31f01679e95776faaa6286e42ca2fc23cba"
},
{
"date": "08/30/2017 20:00:01",
"source": "cowrie 159.203.x.x",
"name": "40f27adda7c584e7481a215915e87c8e08df4b4543203cf4e00c096e3ab8ebb5",
"hash": "40f27adda7c584e7481a215915e87c8e08df4b4543203cf4e00c096e3ab8ebb5",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.5539D41B",
"virustotal": "https://www.virustotal.com/file/40f27adda7c584e7481a215915e87c8e08df4b4543203cf4e00c096e3ab8ebb5/analysis/1504108817/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/40f27adda7c584e7481a215915e87c8e08df4b4543203cf4e00c096e3ab8ebb5"
},
{
"date": "08/30/2017 17:00:01",
"source": "cowrie 159.203.x.x",
"name": "ff37ea00b02430ea6a4da47b62841768f02893c6014d57566ca8b62c64e159f0",
"hash": "ff37ea00b02430ea6a4da47b62841768f02893c6014d57566ca8b62c64e159f0",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.515A2D3F",
"virustotal": "https://www.virustotal.com/file/ff37ea00b02430ea6a4da47b62841768f02893c6014d57566ca8b62c64e159f0/analysis/1504103413/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ff37ea00b02430ea6a4da47b62841768f02893c6014d57566ca8b62c64e159f0"
},
{
"date": "08/30/2017 14:30:01",
"source": "cowrie 159.203.x.x",
"name": "a1eeabcf0b6223d27253553b9eb8dc25a9b3e8c112262fcacf78cce7c1ef38a5",
"hash": "a1eeabcf0b6223d27253553b9eb8dc25a9b3e8c112262fcacf78cce7c1ef38a5",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.AC7D01C7",
"virustotal": "https://www.virustotal.com/file/a1eeabcf0b6223d27253553b9eb8dc25a9b3e8c112262fcacf78cce7c1ef38a5/analysis/1503990243/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a1eeabcf0b6223d27253553b9eb8dc25a9b3e8c112262fcacf78cce7c1ef38a5"
},
{
"date": "08/30/2017 13:30:02",
"source": "cowrie 159.203.x.x",
"name": "09692a806cd30ffe17ddb78b04db751641a0cd94d89a196c054f8811ea0a9b07",
"hash": "09692a806cd30ffe17ddb78b04db751641a0cd94d89a196c054f8811ea0a9b07",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.4CDB73A2",
"virustotal": "https://www.virustotal.com/file/09692a806cd30ffe17ddb78b04db751641a0cd94d89a196c054f8811ea0a9b07/analysis/1503921606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/09692a806cd30ffe17ddb78b04db751641a0cd94d89a196c054f8811ea0a9b07"
},
{
"date": "08/30/2017 07:00:01",
"source": "cowrie 159.203.x.x",
"name": "20170830065849_ee47be798bfe_0_http___108_61_229_178_bins_sh",
"hash": "a36a60dd93e01e6cf0bde6b5e4898e81fccde78825d3a529b6238958d826fd3d",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.0A00D346",
"virustotal": "https://www.virustotal.com/file/a36a60dd93e01e6cf0bde6b5e4898e81fccde78825d3a529b6238958d826fd3d/analysis/1504008036/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170830065849_ee47be798bfe_0_http___108_61_229_178_bins_sh"
},
{
"date": "08/30/2017 01:15:01",
"source": "cowrie 159.203.x.x",
"name": "c35a8768c633b3631c9e0fd70b0b40ef19539043f8c0fc5f595c0e0b626595f1",
"hash": "c35a8768c633b3631c9e0fd70b0b40ef19539043f8c0fc5f595c0e0b626595f1",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/c35a8768c633b3631c9e0fd70b0b40ef19539043f8c0fc5f595c0e0b626595f1/analysis/1504001907/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c35a8768c633b3631c9e0fd70b0b40ef19539043f8c0fc5f595c0e0b626595f1"
},
{
"date": "08/29/2017 16:10:01",
"source": "deonaea 192.241.x.x",
"name": "cf5c39b02c8f38f92d9bbb672fd2f19f",
"hash": "201a29ab2b047e1038aa6bfda29d011b66a815f512481fb116b231af206d6a03",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.248352",
"virustotal": "https://www.virustotal.com/file/201a29ab2b047e1038aa6bfda29d011b66a815f512481fb116b231af206d6a03/analysis/1504022745/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cf5c39b02c8f38f92d9bbb672fd2f19f"
},
{
"date": "08/29/2017 12:30:01",
"source": "cowrie 159.203.x.x",
"name": "3850372dc049967bdb8665d1d1742c8667d1f04f81c30ad24c3eacd2a82e7392",
"hash": "3850372dc049967bdb8665d1d1742c8667d1f04f81c30ad24c3eacd2a82e7392",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/3850372dc049967bdb8665d1d1742c8667d1f04f81c30ad24c3eacd2a82e7392/analysis/1503774048/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3850372dc049967bdb8665d1d1742c8667d1f04f81c30ad24c3eacd2a82e7392"
},
{
"date": "08/29/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "62d506fa403d2b42b02a1801e9947f578fd41fd099972d95a926e373c9e12dc1",
"hash": "62d506fa403d2b42b02a1801e9947f578fd41fd099972d95a926e373c9e12dc1",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.21E12B94",
"virustotal": "https://www.virustotal.com/file/62d506fa403d2b42b02a1801e9947f578fd41fd099972d95a926e373c9e12dc1/analysis/1503791517/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/62d506fa403d2b42b02a1801e9947f578fd41fd099972d95a926e373c9e12dc1"
},
{
"date": "08/29/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "0279d3f81c2f06e7691facfd6ca08e56e959181c1d352f6c6b6fb18581ebc860",
"hash": "0279d3f81c2f06e7691facfd6ca08e56e959181c1d352f6c6b6fb18581ebc860",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/0279d3f81c2f06e7691facfd6ca08e56e959181c1d352f6c6b6fb18581ebc860/analysis/1503846375/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0279d3f81c2f06e7691facfd6ca08e56e959181c1d352f6c6b6fb18581ebc860"
},
{
"date": "08/29/2017 04:20:01",
"source": "cowrie 159.203.x.x",
"name": "1ecdc5afeaccef7ab4667d47ff783b7ea1e27d550b8632d21b6aafefe0ac1b5f",
"hash": "1ecdc5afeaccef7ab4667d47ff783b7ea1e27d550b8632d21b6aafefe0ac1b5f",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.49D7EF85",
"virustotal": "https://www.virustotal.com/file/1ecdc5afeaccef7ab4667d47ff783b7ea1e27d550b8632d21b6aafefe0ac1b5f/analysis/1503981006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1ecdc5afeaccef7ab4667d47ff783b7ea1e27d550b8632d21b6aafefe0ac1b5f"
},
{
"date": "08/29/2017 02:55:01",
"source": "cowrie 159.203.x.x",
"name": "f3e6206bfc262b790ff58b0a291bf24c8c55ead38098386ccd9a119851629aed",
"hash": "f3e6206bfc262b790ff58b0a291bf24c8c55ead38098386ccd9a119851629aed",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.237E593F",
"virustotal": "https://www.virustotal.com/file/f3e6206bfc262b790ff58b0a291bf24c8c55ead38098386ccd9a119851629aed/analysis/1503975647/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f3e6206bfc262b790ff58b0a291bf24c8c55ead38098386ccd9a119851629aed"
},
{
"date": "08/29/2017 02:55:01",
"source": "cowrie 159.203.x.x",
"name": "39345f8860cf207ba2f50999a1575a37ab2c2df32f3a2e414267e003ac59fc74",
"hash": "39345f8860cf207ba2f50999a1575a37ab2c2df32f3a2e414267e003ac59fc74",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.407A4E8C",
"virustotal": "https://www.virustotal.com/file/39345f8860cf207ba2f50999a1575a37ab2c2df32f3a2e414267e003ac59fc74/analysis/1503975606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/39345f8860cf207ba2f50999a1575a37ab2c2df32f3a2e414267e003ac59fc74"
},
{
"date": "08/28/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "eeb6c69034984e112d3f28afc90161b624b930becd39960bd0680b9c37ac3d8c",
"hash": "eeb6c69034984e112d3f28afc90161b624b930becd39960bd0680b9c37ac3d8c",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.8E9EB040",
"virustotal": "https://www.virustotal.com/file/eeb6c69034984e112d3f28afc90161b624b930becd39960bd0680b9c37ac3d8c/analysis/1503716645/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eeb6c69034984e112d3f28afc90161b624b930becd39960bd0680b9c37ac3d8c"
},
{
"date": "08/28/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "8db70a01453bc537758b414073eb122ff5544433bc03b34ef04220b6a0168670",
"hash": "8db70a01453bc537758b414073eb122ff5544433bc03b34ef04220b6a0168670",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.3B2427CB",
"virustotal": "https://www.virustotal.com/file/8db70a01453bc537758b414073eb122ff5544433bc03b34ef04220b6a0168670/analysis/1503716643/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8db70a01453bc537758b414073eb122ff5544433bc03b34ef04220b6a0168670"
},
{
"date": "08/28/2017 21:30:01",
"source": "deonaea 192.241.x.x",
"name": "5700fcf1cb9d1798950d59fb688d782f",
"hash": "414f47ac39366309d27548239ee17992a99e672da4defbcc56db9cfcb67b2f36",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/414f47ac39366309d27548239ee17992a99e672da4defbcc56db9cfcb67b2f36/analysis/1503941039/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5700fcf1cb9d1798950d59fb688d782f"
},
{
"date": "08/28/2017 21:30:01",
"source": "cowrie 159.203.x.x",
"name": "20170828212935_222e09f168f2_0_http___198_199_111_46_cunty_sh",
"hash": "81118e5a27c142cbd98c48d022eb6cf09b9c60bfe8563bf222fec635545c02a7",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F2615B6B",
"virustotal": "https://www.virustotal.com/file/81118e5a27c142cbd98c48d022eb6cf09b9c60bfe8563bf222fec635545c02a7/analysis/1503882051/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170828212935_222e09f168f2_0_http___198_199_111_46_cunty_sh"
},
{
"date": "08/28/2017 16:40:01",
"source": "cowrie 159.203.x.x",
"name": "f8c28666f2f2beb599dcc62721c41a82f52e63721dd2d5629073033b32a93154",
"hash": "f8c28666f2f2beb599dcc62721c41a82f52e63721dd2d5629073033b32a93154",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/f8c28666f2f2beb599dcc62721c41a82f52e63721dd2d5629073033b32a93154/analysis/1495062545/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f8c28666f2f2beb599dcc62721c41a82f52e63721dd2d5629073033b32a93154"
},
{
"date": "08/28/2017 16:40:01",
"source": "cowrie 159.203.x.x",
"name": "b27430b9b266906639d8f0f91333ef75b99fca2033dbcd368558e8452dc36575",
"hash": "b27430b9b266906639d8f0f91333ef75b99fca2033dbcd368558e8452dc36575",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.18, not stripped",
"classification": "Linux.CornelGEN.1622",
"virustotal": "https://www.virustotal.com/file/b27430b9b266906639d8f0f91333ef75b99fca2033dbcd368558e8452dc36575/analysis/1503933052/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b27430b9b266906639d8f0f91333ef75b99fca2033dbcd368558e8452dc36575"
},
{
"date": "08/28/2017 16:40:01",
"source": "cowrie 159.203.x.x",
"name": "0deaba19aa31724349b11c9e64e8508f9f96250793d5d94f3965bc9fed313c83",
"hash": "0deaba19aa31724349b11c9e64e8508f9f96250793d5d94f3965bc9fed313c83",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/0deaba19aa31724349b11c9e64e8508f9f96250793d5d94f3965bc9fed313c83/analysis/1503939651/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0deaba19aa31724349b11c9e64e8508f9f96250793d5d94f3965bc9fed313c83"
},
{
"date": "08/28/2017 16:30:01",
"source": "deonaea 192.241.x.x",
"name": "42a333becf9ceecdde9b311933959d3d",
"hash": "2ed42596b8290a0edbc34ac39ba7bc91b2543c8f96ad696d59f492a51d169aec",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.Generic.20492978",
"virustotal": "https://www.virustotal.com/file/2ed42596b8290a0edbc34ac39ba7bc91b2543c8f96ad696d59f492a51d169aec/analysis/1490590846/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/42a333becf9ceecdde9b311933959d3d"
},
{
"date": "08/28/2017 12:35:01",
"source": "deonaea 192.241.x.x",
"name": "63e7b5139afc6a5d54bebf5a518b2daf",
"hash": "26fd2c3c123d9a18ec4311f5a82bbe79a4190a89bce0e4d73e251f357484468f",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Gen:Win32.Malware.ir0@aO4@sApb",
"virustotal": "https://www.virustotal.com/file/26fd2c3c123d9a18ec4311f5a82bbe79a4190a89bce0e4d73e251f357484468f/analysis/1503923645/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/63e7b5139afc6a5d54bebf5a518b2daf"
},
{
"date": "08/28/2017 08:30:01",
"source": "cowrie 159.203.x.x",
"name": "5c8c41253aa68adeb955e7d1c7b8e084e06537f75eff12c3f3a0f3cb30cb2152",
"hash": "5c8c41253aa68adeb955e7d1c7b8e084e06537f75eff12c3f3a0f3cb30cb2152",
"type": "ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped",
"classification": "Linux.Trojan.Agent.A",
"virustotal": "https://www.virustotal.com/file/5c8c41253aa68adeb955e7d1c7b8e084e06537f75eff12c3f3a0f3cb30cb2152/analysis/1503539535/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5c8c41253aa68adeb955e7d1c7b8e084e06537f75eff12c3f3a0f3cb30cb2152"
},
{
"date": "08/28/2017 08:25:01",
"source": "cowrie 159.203.x.x",
"name": "9c2848962733846bf50b490fd8f6c7ce9ecade2d3f2f530f5ecbba283af87d3a",
"hash": "9c2848962733846bf50b490fd8f6c7ce9ecade2d3f2f530f5ecbba283af87d3a",
"type": "ELF 32-bit LSB executable, ARM, version 1, statically linked, stripped",
"classification": "Linux.Trojan.Agent.A",
"virustotal": "https://www.virustotal.com/file/9c2848962733846bf50b490fd8f6c7ce9ecade2d3f2f530f5ecbba283af87d3a/analysis/1503539235/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9c2848962733846bf50b490fd8f6c7ce9ecade2d3f2f530f5ecbba283af87d3a"
},
{
"date": "08/28/2017 06:10:01",
"source": "deonaea 192.241.x.x",
"name": "smb-w08rp2e8.tmp",
"hash": "b351f7bf82243434071c478c357e8e57402cf222eb2136ea92f707b5fecb28bd",
"type": "MS-DOS executable, MZ for MS-DOS",
"classification": "GenPack:Generic.Malware.MW.2EBED77D",
"virustotal": "https://www.virustotal.com/file/b351f7bf82243434071c478c357e8e57402cf222eb2136ea92f707b5fecb28bd/analysis/1503893163/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-w08rp2e8.tmp"
},
{
"date": "08/28/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "5ebd8ecb53fd5b4a78bb438a136482f1c752d35dc7cba4cabfa76209c077f8b1",
"hash": "5ebd8ecb53fd5b4a78bb438a136482f1c752d35dc7cba4cabfa76209c077f8b1",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.6D6DA601",
"virustotal": "https://www.virustotal.com/file/5ebd8ecb53fd5b4a78bb438a136482f1c752d35dc7cba4cabfa76209c077f8b1/analysis/1503862252/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5ebd8ecb53fd5b4a78bb438a136482f1c752d35dc7cba4cabfa76209c077f8b1"
},
{
"date": "08/28/2017 02:00:01",
"source": "cowrie 159.203.x.x",
"name": "18f46eb021834317a4e27a57c84623e681830f7a8b81c03921de3108e2680b6a",
"hash": "18f46eb021834317a4e27a57c84623e681830f7a8b81c03921de3108e2680b6a",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.75A7B7D7",
"virustotal": "https://www.virustotal.com/file/18f46eb021834317a4e27a57c84623e681830f7a8b81c03921de3108e2680b6a/analysis/1503539171/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/18f46eb021834317a4e27a57c84623e681830f7a8b81c03921de3108e2680b6a"
},
{
"date": "08/28/2017 01:30:01",
"source": "cowrie 159.203.x.x",
"name": "70f5beff057e2261dd8eec991cd866dc01cafb5b0f0ba08cd884bd238f1b3093",
"hash": "70f5beff057e2261dd8eec991cd866dc01cafb5b0f0ba08cd884bd238f1b3093",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.2F34CC12",
"virustotal": "https://www.virustotal.com/file/70f5beff057e2261dd8eec991cd866dc01cafb5b0f0ba08cd884bd238f1b3093/analysis/1503828048/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/70f5beff057e2261dd8eec991cd866dc01cafb5b0f0ba08cd884bd238f1b3093"
},
{
"date": "08/28/2017 00:30:01",
"source": "cowrie 159.203.x.x",
"name": "2af4b918858ed0e9d25fbebd41efcce0a7dc43ccc390ee1bb52b41d85b9fe871",
"hash": "2af4b918858ed0e9d25fbebd41efcce0a7dc43ccc390ee1bb52b41d85b9fe871",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.0EB238D8",
"virustotal": "https://www.virustotal.com/file/2af4b918858ed0e9d25fbebd41efcce0a7dc43ccc390ee1bb52b41d85b9fe871/analysis/1503828007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2af4b918858ed0e9d25fbebd41efcce0a7dc43ccc390ee1bb52b41d85b9fe871"
},
{
"date": "08/27/2017 23:10:01",
"source": "cowrie 159.203.x.x",
"name": "20170827230838_14ad4dc51d2b_0_http___80_211_225_15_cunty_sh",
"hash": "5ebd8ecb53fd5b4a78bb438a136482f1c752d35dc7cba4cabfa76209c077f8b1",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.6D6DA601",
"virustotal": "https://www.virustotal.com/file/5ebd8ecb53fd5b4a78bb438a136482f1c752d35dc7cba4cabfa76209c077f8b1/analysis/1503862252/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170827230838_14ad4dc51d2b_0_http___80_211_225_15_cunty_sh"
},
{
"date": "08/27/2017 19:10:01",
"source": "cowrie 159.203.x.x",
"name": "f8ad1a7029b17089f096c5900ae2dfec0fd5abd39476f58ededba3601f4d601b",
"hash": "f8ad1a7029b17089f096c5900ae2dfec0fd5abd39476f58ededba3601f4d601b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.4402F842",
"virustotal": "https://www.virustotal.com/file/f8ad1a7029b17089f096c5900ae2dfec0fd5abd39476f58ededba3601f4d601b/analysis/1503862211/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f8ad1a7029b17089f096c5900ae2dfec0fd5abd39476f58ededba3601f4d601b"
},
{
"date": "08/27/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "81f4ea257f97d73e1acd69683907e7c782b48f94d1e16a181ec2b2206606c280",
"hash": "81f4ea257f97d73e1acd69683907e7c782b48f94d1e16a181ec2b2206606c280",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.CE70CA48",
"virustotal": "https://www.virustotal.com/file/81f4ea257f97d73e1acd69683907e7c782b48f94d1e16a181ec2b2206606c280/analysis/1503782142/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/81f4ea257f97d73e1acd69683907e7c782b48f94d1e16a181ec2b2206606c280"
},
{
"date": "08/27/2017 17:00:01",
"source": "cowrie 159.203.x.x",
"name": "512ca07264a06a91d5fbe00301a05949575574fda9c0d4a6a8737e1a8197c789",
"hash": "512ca07264a06a91d5fbe00301a05949575574fda9c0d4a6a8737e1a8197c789",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.85681D53",
"virustotal": "https://www.virustotal.com/file/512ca07264a06a91d5fbe00301a05949575574fda9c0d4a6a8737e1a8197c789/analysis/1503783007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/512ca07264a06a91d5fbe00301a05949575574fda9c0d4a6a8737e1a8197c789"
},
{
"date": "08/27/2017 17:00:01",
"source": "cowrie 159.203.x.x",
"name": "20170827165857_4578afcdb717_0_http___80_211_225_15_cunty_sh",
"hash": "81f4ea257f97d73e1acd69683907e7c782b48f94d1e16a181ec2b2206606c280",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.CE70CA48",
"virustotal": "https://www.virustotal.com/file/81f4ea257f97d73e1acd69683907e7c782b48f94d1e16a181ec2b2206606c280/analysis/1503782142/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170827165857_4578afcdb717_0_http___80_211_225_15_cunty_sh"
},
{
"date": "08/27/2017 11:30:01",
"source": "cowrie 159.203.x.x",
"name": "296af9b4fbe555567572f14349ac85e2fc0996ff199c77b6261cd5e60de137dc",
"hash": "296af9b4fbe555567572f14349ac85e2fc0996ff199c77b6261cd5e60de137dc",
"type": "Zip archive data, at least v1.0 to extract",
"classification": "Trojan.Hacktool.Linux.Pscan.A",
"virustotal": "https://www.virustotal.com/file/296af9b4fbe555567572f14349ac85e2fc0996ff199c77b6261cd5e60de137dc/analysis/1500664208/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/296af9b4fbe555567572f14349ac85e2fc0996ff199c77b6261cd5e60de137dc"
},
{
"date": "08/27/2017 10:05:01",
"source": "cowrie 159.203.x.x",
"name": "3a7adbaa2a23b255b7bdba7f835845f06117ce502910ca43225c59d49566ef6c",
"hash": "3a7adbaa2a23b255b7bdba7f835845f06117ce502910ca43225c59d49566ef6c",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/3a7adbaa2a23b255b7bdba7f835845f06117ce502910ca43225c59d49566ef6c/analysis/1503828122/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3a7adbaa2a23b255b7bdba7f835845f06117ce502910ca43225c59d49566ef6c"
},
{
"date": "08/27/2017 08:20:01",
"source": "cowrie 159.203.x.x",
"name": "8422fe9ede404c1782ab1a6a5cc7e002d46570ce70e4ba5f0fe4b3edfa3d5f6c",
"hash": "8422fe9ede404c1782ab1a6a5cc7e002d46570ce70e4ba5f0fe4b3edfa3d5f6c",
"type": "HTML document, ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/8422fe9ede404c1782ab1a6a5cc7e002d46570ce70e4ba5f0fe4b3edfa3d5f6c/analysis/1503822688/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8422fe9ede404c1782ab1a6a5cc7e002d46570ce70e4ba5f0fe4b3edfa3d5f6c"
},
{
"date": "08/27/2017 08:20:01",
"source": "cowrie 159.203.x.x",
"name": "64879160f088c0570f86dfa8e68678152ba99468c4143cdc4a2cf591b8b8d99a",
"hash": "64879160f088c0570f86dfa8e68678152ba99468c4143cdc4a2cf591b8b8d99a",
"type": "a /usr/bin/perl script, UTF-8 Unicode text executable, with escape sequences",
"classification": "Perl:Flooder-A [Trj]",
"virustotal": "https://www.virustotal.com/file/64879160f088c0570f86dfa8e68678152ba99468c4143cdc4a2cf591b8b8d99a/analysis/1503822729/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/64879160f088c0570f86dfa8e68678152ba99468c4143cdc4a2cf591b8b8d99a"
},
{
"date": "08/27/2017 08:15:01",
"source": "cowrie 159.203.x.x",
"name": "99f04e8e5757a1c11deef3587bb283238e79c5fac5045e94ca98f797b65c486e",
"hash": "99f04e8e5757a1c11deef3587bb283238e79c5fac5045e94ca98f797b65c486e",
"type": "Bourne-Again shell script, ASCII text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/99f04e8e5757a1c11deef3587bb283238e79c5fac5045e94ca98f797b65c486e/analysis/1502190378/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/99f04e8e5757a1c11deef3587bb283238e79c5fac5045e94ca98f797b65c486e"
},
{
"date": "08/27/2017 08:15:01",
"source": "cowrie 159.203.x.x",
"name": "39ba38e6fe7800b28091be2c84499d0617e68f72331971eef86eb8c51a09fe3b",
"hash": "39ba38e6fe7800b28091be2c84499d0617e68f72331971eef86eb8c51a09fe3b",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/39ba38e6fe7800b28091be2c84499d0617e68f72331971eef86eb8c51a09fe3b/analysis/1501682767/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/39ba38e6fe7800b28091be2c84499d0617e68f72331971eef86eb8c51a09fe3b"
},
{
"date": "08/27/2017 06:55:01",
"source": "cowrie 159.203.x.x",
"name": "b538b4c37e880b3517fad0ea025797018fb757af577362814047d2bbc9a93ab6",
"hash": "b538b4c37e880b3517fad0ea025797018fb757af577362814047d2bbc9a93ab6",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.13D430E6",
"virustotal": "https://www.virustotal.com/file/b538b4c37e880b3517fad0ea025797018fb757af577362814047d2bbc9a93ab6/analysis/1503817206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b538b4c37e880b3517fad0ea025797018fb757af577362814047d2bbc9a93ab6"
},
{
"date": "08/27/2017 06:55:01",
"source": "cowrie 159.203.x.x",
"name": "a5a65d2c6eee3d338cbd6be7a07b72e4d8691bdf4351dc50c8ad7e74b9a4a99f",
"hash": "a5a65d2c6eee3d338cbd6be7a07b72e4d8691bdf4351dc50c8ad7e74b9a4a99f",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.53E96C24",
"virustotal": "https://www.virustotal.com/file/a5a65d2c6eee3d338cbd6be7a07b72e4d8691bdf4351dc50c8ad7e74b9a4a99f/analysis/1503817247/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a5a65d2c6eee3d338cbd6be7a07b72e4d8691bdf4351dc50c8ad7e74b9a4a99f"
},
{
"date": "08/27/2017 02:00:01",
"source": "cowrie 159.203.x.x",
"name": "aa1c4582c83d1604474245a479ca46d87fa47b22de2316f6e36edf0affbeb737",
"hash": "aa1c4582c83d1604474245a479ca46d87fa47b22de2316f6e36edf0affbeb737",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.B7587DE3",
"virustotal": "https://www.virustotal.com/file/aa1c4582c83d1604474245a479ca46d87fa47b22de2316f6e36edf0affbeb737/analysis/1503727445/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/aa1c4582c83d1604474245a479ca46d87fa47b22de2316f6e36edf0affbeb737"
},
{
"date": "08/26/2017 18:40:01",
"source": "cowrie 159.203.x.x",
"name": "47851ef28409c0097486bf225a15a86ea8a8f76c2a9010974e5930fc73f88930",
"hash": "47851ef28409c0097486bf225a15a86ea8a8f76c2a9010974e5930fc73f88930",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.DACDC3F1",
"virustotal": "https://www.virustotal.com/file/47851ef28409c0097486bf225a15a86ea8a8f76c2a9010974e5930fc73f88930/analysis/1503665772/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/47851ef28409c0097486bf225a15a86ea8a8f76c2a9010974e5930fc73f88930"
},
{
"date": "08/26/2017 18:30:01",
"source": "cowrie 159.203.x.x",
"name": "6cde664990b1d1cdbaa9842d4938e870a5d0e4d9ca0f920a60a457be2d23326e",
"hash": "6cde664990b1d1cdbaa9842d4938e870a5d0e4d9ca0f920a60a457be2d23326e",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.19C24485",
"virustotal": "https://www.virustotal.com/file/6cde664990b1d1cdbaa9842d4938e870a5d0e4d9ca0f920a60a457be2d23326e/analysis/1503687659/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6cde664990b1d1cdbaa9842d4938e870a5d0e4d9ca0f920a60a457be2d23326e"
},
{
"date": "08/26/2017 17:05:01",
"source": "cowrie 159.203.x.x",
"name": "25a5da015516ca5fb177ae0c67f06bdd5bc419443b06bcedc59fa12c928f7c12",
"hash": "25a5da015516ca5fb177ae0c67f06bdd5bc419443b06bcedc59fa12c928f7c12",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.9E4A98B5",
"virustotal": "https://www.virustotal.com/file/25a5da015516ca5fb177ae0c67f06bdd5bc419443b06bcedc59fa12c928f7c12/analysis/1503767104/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/25a5da015516ca5fb177ae0c67f06bdd5bc419443b06bcedc59fa12c928f7c12"
},
{
"date": "08/26/2017 13:35:01",
"source": "cowrie 159.203.x.x",
"name": "a04a8f7feb5e20427834d2c1a29c685763d6c357af7144bfd588e0fdb3cf1b01",
"hash": "a04a8f7feb5e20427834d2c1a29c685763d6c357af7144bfd588e0fdb3cf1b01",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.FC4D3339",
"virustotal": "https://www.virustotal.com/file/a04a8f7feb5e20427834d2c1a29c685763d6c357af7144bfd588e0fdb3cf1b01/analysis/1503687606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a04a8f7feb5e20427834d2c1a29c685763d6c357af7144bfd588e0fdb3cf1b01"
},
{
"date": "08/26/2017 13:05:01",
"source": "cowrie 159.203.x.x",
"name": "20170826130234_103f94a392b8_0_http___212_237_10_132_cunty_sh",
"hash": "a04a8f7feb5e20427834d2c1a29c685763d6c357af7144bfd588e0fdb3cf1b01",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.FC4D3339",
"virustotal": "https://www.virustotal.com/file/a04a8f7feb5e20427834d2c1a29c685763d6c357af7144bfd588e0fdb3cf1b01/analysis/1503687606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170826130234_103f94a392b8_0_http___212_237_10_132_cunty_sh"
},
{
"date": "08/26/2017 11:00:01",
"source": "deonaea 192.241.x.x",
"name": "f89d83aed98e0f42a8ebb0e83f9f8515",
"hash": "5fdb7264b0eebb197987cff8edf555183907f1af0f0763d2a4c9eb28ea0f0d04",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.237632",
"virustotal": "https://www.virustotal.com/file/5fdb7264b0eebb197987cff8edf555183907f1af0f0763d2a4c9eb28ea0f0d04/analysis/1503476891/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f89d83aed98e0f42a8ebb0e83f9f8515"
},
{
"date": "08/26/2017 07:50:01",
"source": "deonaea 159.203.x.x",
"name": "smb-i_i4x7ih.tmp",
"hash": "2dc4d045b8a0c66dc003a0c92c8305c53b7fc8f7b7347befdf59d4b16e26135a",
"type": "data",
"classification": "Worm.Generic.230976",
"virustotal": "https://www.virustotal.com/file/2dc4d045b8a0c66dc003a0c92c8305c53b7fc8f7b7347befdf59d4b16e26135a/analysis/1503721037/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-i_i4x7ih.tmp"
},
{
"date": "08/26/2017 06:20:01",
"source": "cowrie 159.203.x.x",
"name": "1d0413b3e2aa375b4cda5cea6c65a289982b2aa40d5b7f8fc71b650dd84c1a4f",
"hash": "1d0413b3e2aa375b4cda5cea6c65a289982b2aa40d5b7f8fc71b650dd84c1a4f",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.294A8E59",
"virustotal": "https://www.virustotal.com/file/1d0413b3e2aa375b4cda5cea6c65a289982b2aa40d5b7f8fc71b650dd84c1a4f/analysis/1503727443/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1d0413b3e2aa375b4cda5cea6c65a289982b2aa40d5b7f8fc71b650dd84c1a4f"
},
{
"date": "08/26/2017 02:30:01",
"source": "cowrie 159.203.x.x",
"name": "095f2cf12f78c0be827faf45b794aaac7d8e60e7111bce8766b652f7486db728",
"hash": "095f2cf12f78c0be827faf45b794aaac7d8e60e7111bce8766b652f7486db728",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.2B1FEF53",
"virustotal": "https://www.virustotal.com/file/095f2cf12f78c0be827faf45b794aaac7d8e60e7111bce8766b652f7486db728/analysis/1503301284/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/095f2cf12f78c0be827faf45b794aaac7d8e60e7111bce8766b652f7486db728"
},
{
"date": "08/26/2017 02:00:01",
"source": "cowrie 159.203.x.x",
"name": "3beb5005429a4b72266882e5a1ce02aaf674b8a61a33c05a961dd987eabc3295",
"hash": "3beb5005429a4b72266882e5a1ce02aaf674b8a61a33c05a961dd987eabc3295",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.233CD49C",
"virustotal": "https://www.virustotal.com/file/3beb5005429a4b72266882e5a1ce02aaf674b8a61a33c05a961dd987eabc3295/analysis/1503338770/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3beb5005429a4b72266882e5a1ce02aaf674b8a61a33c05a961dd987eabc3295"
},
{
"date": "08/25/2017 18:45:01",
"source": "cowrie 159.203.x.x",
"name": "fa71cfb9453f4ba8104a396e5ade45b23401d7c39bebd2ab0f24be058a7c7b15",
"hash": "fa71cfb9453f4ba8104a396e5ade45b23401d7c39bebd2ab0f24be058a7c7b15",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/fa71cfb9453f4ba8104a396e5ade45b23401d7c39bebd2ab0f24be058a7c7b15/analysis/1503687701/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fa71cfb9453f4ba8104a396e5ade45b23401d7c39bebd2ab0f24be058a7c7b15"
},
{
"date": "08/25/2017 18:45:01",
"source": "cowrie 159.203.x.x",
"name": "901a58ced6553605e980162af4520c2d41688bdb1d6dd75a81a98750b8491802",
"hash": "901a58ced6553605e980162af4520c2d41688bdb1d6dd75a81a98750b8491802",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.C7305BBE",
"virustotal": "https://www.virustotal.com/file/901a58ced6553605e980162af4520c2d41688bdb1d6dd75a81a98750b8491802/analysis/1503685553/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/901a58ced6553605e980162af4520c2d41688bdb1d6dd75a81a98750b8491802"
},
{
"date": "08/25/2017 12:00:01",
"source": "deonaea 192.241.x.x",
"name": "060088b29f15ecb8a3edd0b1fa039e6f",
"hash": "215d0deac05cb1c703ae7fbe8593ae06b4f8dcbce3bfcc96ebc9328f4b721a25",
"type": "PE32 executable (console) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Win32.Malware.wmKfa4mxPNjb",
"virustotal": "https://www.virustotal.com/file/215d0deac05cb1c703ae7fbe8593ae06b4f8dcbce3bfcc96ebc9328f4b721a25/analysis/1503662184/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/060088b29f15ecb8a3edd0b1fa039e6f"
},
{
"date": "08/25/2017 08:20:01",
"source": "deonaea 192.241.x.x",
"name": "490449529b74cfcde90c7877814d7545",
"hash": "3e5d15f307dd24c2ff4a5ba9bbaca9b931ae3d9d294a0509ccd880e7fc949cca",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Generic.ServStart.A.8FFB1AEA",
"virustotal": "https://www.virustotal.com/file/3e5d15f307dd24c2ff4a5ba9bbaca9b931ae3d9d294a0509ccd880e7fc949cca/analysis/1503453195/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/490449529b74cfcde90c7877814d7545"
},
{
"date": "08/24/2017 23:30:01",
"source": "cowrie 159.203.x.x",
"name": "f1bb8febd5d67173ee049882c71f9fb0af18c655b3aeeec32e913f94f8782e6b",
"hash": "f1bb8febd5d67173ee049882c71f9fb0af18c655b3aeeec32e913f94f8782e6b",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.1A951406",
"virustotal": "https://www.virustotal.com/file/f1bb8febd5d67173ee049882c71f9fb0af18c655b3aeeec32e913f94f8782e6b/analysis/1503205444/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f1bb8febd5d67173ee049882c71f9fb0af18c655b3aeeec32e913f94f8782e6b"
},
{
"date": "08/24/2017 23:25:01",
"source": "deonaea 192.241.x.x",
"name": "6ea63b19ab915004dbcdd897be2732ea",
"hash": "92a2ba7862cc023cf08fbe7c0d2f0f26db5ba277e2e4075df123fa96a61f0e9d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/92a2ba7862cc023cf08fbe7c0d2f0f26db5ba277e2e4075df123fa96a61f0e9d/analysis/1503539496/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6ea63b19ab915004dbcdd897be2732ea"
},
{
"date": "08/24/2017 11:35:01",
"source": "deonaea 192.241.x.x",
"name": "90575ec2147b274c35f3c088dd9d7ecf",
"hash": "0563da1f2cdc8976e5024ed6ae8b6ac6ab9a1dabf4c9cbde82533be8c3dc32e3",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32:Malware-gen",
"virustotal": "https://www.virustotal.com/file/0563da1f2cdc8976e5024ed6ae8b6ac6ab9a1dabf4c9cbde82533be8c3dc32e3/analysis/1503574424/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/90575ec2147b274c35f3c088dd9d7ecf"
},
{
"date": "08/24/2017 05:00:01",
"source": "cowrie 159.203.x.x",
"name": "f58a66e2f8b951a3244545a1b9e79ade25f3e75409ff010c469ebb9284c316d2",
"hash": "f58a66e2f8b951a3244545a1b9e79ade25f3e75409ff010c469ebb9284c316d2",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F25893C0",
"virustotal": "https://www.virustotal.com/file/f58a66e2f8b951a3244545a1b9e79ade25f3e75409ff010c469ebb9284c316d2/analysis/1503550806/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f58a66e2f8b951a3244545a1b9e79ade25f3e75409ff010c469ebb9284c316d2"
},
{
"date": "08/24/2017 03:15:01",
"source": "deonaea 192.241.x.x",
"name": "22d20130f272af83f9b184d25f90c360",
"hash": "df2e4b02924ba8b1ca3a2ec32c3f56908968ad702c315842b2a0102d76f07362",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/df2e4b02924ba8b1ca3a2ec32c3f56908968ad702c315842b2a0102d76f07362/analysis/1503539457/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/22d20130f272af83f9b184d25f90c360"
},
{
"date": "08/24/2017 01:30:01",
"source": "cowrie 159.203.x.x",
"name": "a529e9e110626962b11ff5f47e69d952d070a1c64aa41810c4e5e42532390f12",
"hash": "a529e9e110626962b11ff5f47e69d952d070a1c64aa41810c4e5e42532390f12",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/a529e9e110626962b11ff5f47e69d952d070a1c64aa41810c4e5e42532390f12/analysis/1500390502/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a529e9e110626962b11ff5f47e69d952d070a1c64aa41810c4e5e42532390f12"
},
{
"date": "08/24/2017 01:30:01",
"source": "cowrie 159.203.x.x",
"name": "5aa8db78dbedbfe1bace9a267d405f6395c1151211d1d8560478c2bf37f7eb86",
"hash": "5aa8db78dbedbfe1bace9a267d405f6395c1151211d1d8560478c2bf37f7eb86",
"type": "a /usr/bin/perl script executable (binary data)",
"classification": "Backdoor.Perl.Shellbot.B",
"virustotal": "https://www.virustotal.com/file/5aa8db78dbedbfe1bace9a267d405f6395c1151211d1d8560478c2bf37f7eb86/analysis/1503187567/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5aa8db78dbedbfe1bace9a267d405f6395c1151211d1d8560478c2bf37f7eb86"
},
{
"date": "08/24/2017 00:00:01",
"source": "deonaea 159.203.x.x",
"name": "94a61281894ed3ed78b42df46349a1a8",
"hash": "5083b12a0b17d28d10b57e1994f3fec02e32734ca76a8a11687311b999360850",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.298468",
"virustotal": "https://www.virustotal.com/file/5083b12a0b17d28d10b57e1994f3fec02e32734ca76a8a11687311b999360850/analysis/1503532807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/94a61281894ed3ed78b42df46349a1a8"
},
{
"date": "08/23/2017 21:00:01",
"source": "cowrie 159.203.x.x",
"name": "1235adcfd236045a28d89f0f3559862e422e309a283aca00db7ae9d10b7f3fee",
"hash": "1235adcfd236045a28d89f0f3559862e422e309a283aca00db7ae9d10b7f3fee",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.62701C35",
"virustotal": "https://www.virustotal.com/file/1235adcfd236045a28d89f0f3559862e422e309a283aca00db7ae9d10b7f3fee/analysis/1503391782/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1235adcfd236045a28d89f0f3559862e422e309a283aca00db7ae9d10b7f3fee"
},
{
"date": "08/23/2017 20:00:01",
"source": "cowrie 159.203.x.x",
"name": "a3918748ec904459350f72665df0ecf5ab5d02df59e9bc8c73d6fd1a9980bb04",
"hash": "a3918748ec904459350f72665df0ecf5ab5d02df59e9bc8c73d6fd1a9980bb04",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/a3918748ec904459350f72665df0ecf5ab5d02df59e9bc8c73d6fd1a9980bb04/analysis/1496851700/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a3918748ec904459350f72665df0ecf5ab5d02df59e9bc8c73d6fd1a9980bb04"
},
{
"date": "08/23/2017 19:30:01",
"source": "deonaea 192.241.x.x",
"name": "609a36eafa8fa35b7518cca1f7ce9110",
"hash": "9f7390b0dad3a06f18f8c82fb9af7590de00ae5322bd31c70e3f8538c5d1611c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.Keylogger.2.4C4D386E",
"virustotal": "https://www.virustotal.com/file/9f7390b0dad3a06f18f8c82fb9af7590de00ae5322bd31c70e3f8538c5d1611c/analysis/1503347626/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/609a36eafa8fa35b7518cca1f7ce9110"
},
{
"date": "08/23/2017 19:00:01",
"source": "deonaea 192.241.x.x",
"name": "2d5509cffc232392ee99706a22dbb9f9",
"hash": "f0a96a9c5973861bafa4d4ce6d2095fac44c8f0876b7087297aa7592e67cb0dc",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.Win32.Nitol.b (v)",
"virustotal": "https://www.virustotal.com/file/f0a96a9c5973861bafa4d4ce6d2095fac44c8f0876b7087297aa7592e67cb0dc/analysis/1503489799/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2d5509cffc232392ee99706a22dbb9f9"
},
{
"date": "08/23/2017 18:45:01",
"source": "deonaea 159.203.x.x",
"name": "876c4979fc62e6f85007d83521bd4a68",
"hash": "693c2d0cbb4654271eb2e50e1de61897997e842a094f104c8716d966b0b051ec",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32:Malware-gen",
"virustotal": "https://www.virustotal.com/file/693c2d0cbb4654271eb2e50e1de61897997e842a094f104c8716d966b0b051ec/analysis/1503513682/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/876c4979fc62e6f85007d83521bd4a68"
},
{
"date": "08/23/2017 18:00:01",
"source": "cowrie 159.203.x.x",
"name": "8cd4003b1d756355838ca0345b1e4b7d0a91c2e73e71b19ea77b6be55054820d",
"hash": "8cd4003b1d756355838ca0345b1e4b7d0a91c2e73e71b19ea77b6be55054820d",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.700583DB",
"virustotal": "https://www.virustotal.com/file/8cd4003b1d756355838ca0345b1e4b7d0a91c2e73e71b19ea77b6be55054820d/analysis/1503363966/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8cd4003b1d756355838ca0345b1e4b7d0a91c2e73e71b19ea77b6be55054820d"
},
{
"date": "08/23/2017 13:00:01",
"source": "deonaea 192.241.x.x",
"name": "e8dd64c28995b7dea36715c70c256085",
"hash": "68383c386467465b73ff3aaf193d75d74a847e15b972c7196f89f5c98dba511a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.Mulinex.8F4FB5BB",
"virustotal": "https://www.virustotal.com/file/68383c386467465b73ff3aaf193d75d74a847e15b972c7196f89f5c98dba511a/analysis/1502895745/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e8dd64c28995b7dea36715c70c256085"
},
{
"date": "08/23/2017 13:00:01",
"source": "deonaea 192.241.x.x",
"name": "621c0b356c49edc5ce4cf3ee88c30f82",
"hash": "cd0bce4eb015f2eeebf13d9c07e2700417e3ed6766ce71c107e7e827ce5433bd",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.227790",
"virustotal": "https://www.virustotal.com/file/cd0bce4eb015f2eeebf13d9c07e2700417e3ed6766ce71c107e7e827ce5433bd/analysis/1500926348/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/621c0b356c49edc5ce4cf3ee88c30f82"
},
{
"date": "08/19/2017 13:05:01",
"source": "deonaea 159.203.x.x",
"name": "3bafd3e7abc2a7a52d660d29854ac877",
"hash": "b2c4fba657d05ea133e99da07a9135cad9662477ce699e7c410cdd5a33d70ce1",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.399055",
"virustotal": "https://www.virustotal.com/file/b2c4fba657d05ea133e99da07a9135cad9662477ce699e7c410cdd5a33d70ce1/analysis/1503141329/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3bafd3e7abc2a7a52d660d29854ac877"
},
{
"date": "08/19/2017 11:35:01",
"source": "cowrie 159.203.x.x",
"name": "75430dd2b85c8d15e9e1a52312a77d6ddff18aca88e6320a1e65b3c5118e26d3",
"hash": "75430dd2b85c8d15e9e1a52312a77d6ddff18aca88e6320a1e65b3c5118e26d3",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.B5671A3F",
"virustotal": "https://www.virustotal.com/file/75430dd2b85c8d15e9e1a52312a77d6ddff18aca88e6320a1e65b3c5118e26d3/analysis/1503144047/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/75430dd2b85c8d15e9e1a52312a77d6ddff18aca88e6320a1e65b3c5118e26d3"
},
{
"date": "08/19/2017 11:35:01",
"source": "cowrie 159.203.x.x",
"name": "5666662f0c4707eac8678f8e4b6625c309b0383c0b1a86b7a32c4990c7f93164",
"hash": "5666662f0c4707eac8678f8e4b6625c309b0383c0b1a86b7a32c4990c7f93164",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.476F93DE",
"virustotal": "https://www.virustotal.com/file/5666662f0c4707eac8678f8e4b6625c309b0383c0b1a86b7a32c4990c7f93164/analysis/1503144006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5666662f0c4707eac8678f8e4b6625c309b0383c0b1a86b7a32c4990c7f93164"
},
{
"date": "08/19/2017 10:10:01",
"source": "deonaea 159.203.x.x",
"name": "d8c5e98aead2d86c390b3fab62fd6892",
"hash": "b5344ef59655e7bed7df0aa4e791e938daba0ffd8caa6c88456302e516577ec8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65895",
"virustotal": "https://www.virustotal.com/file/b5344ef59655e7bed7df0aa4e791e938daba0ffd8caa6c88456302e516577ec8/analysis/1503138607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d8c5e98aead2d86c390b3fab62fd6892"
},
{
"date": "08/19/2017 10:10:01",
"source": "deonaea 159.203.x.x",
"name": "ba180eb196ed84e14a81fbc1a8808872",
"hash": "46984816e179d02d2da5af0414ba1ffd367d6554cd4e515aca92c9172da0a08e",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65895",
"virustotal": "https://www.virustotal.com/file/46984816e179d02d2da5af0414ba1ffd367d6554cd4e515aca92c9172da0a08e/analysis/1503131149/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ba180eb196ed84e14a81fbc1a8808872"
},
{
"date": "08/19/2017 10:10:01",
"source": "deonaea 159.203.x.x",
"name": "8f96ca8503a680cd791351a97257da97",
"hash": "733dc2313048bb42f1ff07ad5b8c752488730845a5e0119b63d7dd3a66009fed",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65895",
"virustotal": "https://www.virustotal.com/file/733dc2313048bb42f1ff07ad5b8c752488730845a5e0119b63d7dd3a66009fed/analysis/1503131209/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8f96ca8503a680cd791351a97257da97"
},
{
"date": "08/19/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "7dedd31a89baf30a5a256fcbdd998a111ce1b393dfc740b65166ee36d0d741a1",
"hash": "7dedd31a89baf30a5a256fcbdd998a111ce1b393dfc740b65166ee36d0d741a1",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.21376F26",
"virustotal": "https://www.virustotal.com/file/7dedd31a89baf30a5a256fcbdd998a111ce1b393dfc740b65166ee36d0d741a1/analysis/1503137043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7dedd31a89baf30a5a256fcbdd998a111ce1b393dfc740b65166ee36d0d741a1"
},
{
"date": "08/19/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "70c0e7cccb256b9d6ee719b25232a9da1f12b65860764c47e8e9c3402a1132c0",
"hash": "70c0e7cccb256b9d6ee719b25232a9da1f12b65860764c47e8e9c3402a1132c0",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.E8E6C6E0",
"virustotal": "https://www.virustotal.com/file/70c0e7cccb256b9d6ee719b25232a9da1f12b65860764c47e8e9c3402a1132c0/analysis/1503137045/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/70c0e7cccb256b9d6ee719b25232a9da1f12b65860764c47e8e9c3402a1132c0"
},
{
"date": "08/19/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "37d14de03d8a11b8210d5608863247bd959f2556f6e43a9c722de1d7a24f9132",
"hash": "37d14de03d8a11b8210d5608863247bd959f2556f6e43a9c722de1d7a24f9132",
"type": "HTML document, ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/37d14de03d8a11b8210d5608863247bd959f2556f6e43a9c722de1d7a24f9132/analysis/1489223172/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/37d14de03d8a11b8210d5608863247bd959f2556f6e43a9c722de1d7a24f9132"
},
{
"date": "08/19/2017 10:10:01",
"source": "cowrie 159.203.x.x",
"name": "058c433c2ded17607f36524e05ad2aee3501f1629b8cc30ce4f602f650aa2f85",
"hash": "058c433c2ded17607f36524e05ad2aee3501f1629b8cc30ce4f602f650aa2f85",
"type": "HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/058c433c2ded17607f36524e05ad2aee3501f1629b8cc30ce4f602f650aa2f85/analysis/1503138734/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/058c433c2ded17607f36524e05ad2aee3501f1629b8cc30ce4f602f650aa2f85"
},
{
"date": "08/19/2017 09:10:01",
"source": "cowrie 159.203.x.x",
"name": "73f500a1f7a8c895fe3073c99d209a2fa1a163796d297407a89021bb02144d50",
"hash": "73f500a1f7a8c895fe3073c99d209a2fa1a163796d297407a89021bb02144d50",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.2EE99C9C",
"virustotal": "https://www.virustotal.com/file/73f500a1f7a8c895fe3073c99d209a2fa1a163796d297407a89021bb02144d50/analysis/1503133444/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/73f500a1f7a8c895fe3073c99d209a2fa1a163796d297407a89021bb02144d50"
},
{
"date": "08/19/2017 09:05:01",
"source": "cowrie 159.203.x.x",
"name": "27dc4a7d78203e27b83659cf8b97dafcb5f7042830ba2fe1b3953e649f126dd0",
"hash": "27dc4a7d78203e27b83659cf8b97dafcb5f7042830ba2fe1b3953e649f126dd0",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.C2B9CA6A",
"virustotal": "https://www.virustotal.com/file/27dc4a7d78203e27b83659cf8b97dafcb5f7042830ba2fe1b3953e649f126dd0/analysis/1503133442/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/27dc4a7d78203e27b83659cf8b97dafcb5f7042830ba2fe1b3953e649f126dd0"
},
{
"date": "08/18/2017 20:45:01",
"source": "cowrie 159.203.x.x",
"name": "6d794385c6fe6b2f4ccd33c3240bd45639139f86e77a5452cb309e099c985e2f",
"hash": "6d794385c6fe6b2f4ccd33c3240bd45639139f86e77a5452cb309e099c985e2f",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/6d794385c6fe6b2f4ccd33c3240bd45639139f86e77a5452cb309e099c985e2f/analysis/1502317553/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6d794385c6fe6b2f4ccd33c3240bd45639139f86e77a5452cb309e099c985e2f"
},
{
"date": "08/18/2017 17:20:01",
"source": "deonaea 159.203.x.x",
"name": "b3bf55523022184c67e8a21ba6b3d04d",
"hash": "9aae4c55c656d800a6f51fcac3a61d00ce99a5d1f203b97aecc367e11a596f0c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32:Malware-gen",
"virustotal": "https://www.virustotal.com/file/9aae4c55c656d800a6f51fcac3a61d00ce99a5d1f203b97aecc367e11a596f0c/analysis/1503076222/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b3bf55523022184c67e8a21ba6b3d04d"
},
{
"date": "08/18/2017 13:05:01",
"source": "cowrie 159.203.x.x",
"name": "8507cea8249d00a66126745dac91ae41afa4119155907dfbb816ec0ee3fe0a6b",
"hash": "8507cea8249d00a66126745dac91ae41afa4119155907dfbb816ec0ee3fe0a6b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.72E86A49",
"virustotal": "https://www.virustotal.com/file/8507cea8249d00a66126745dac91ae41afa4119155907dfbb816ec0ee3fe0a6b/analysis/1503061443/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8507cea8249d00a66126745dac91ae41afa4119155907dfbb816ec0ee3fe0a6b"
},
{
"date": "08/18/2017 13:05:01",
"source": "cowrie 159.203.x.x",
"name": "0c530cdc62c635db6d20dc1c5218f98aef2930cc596e08d796ae7b959e9d6ad8",
"hash": "0c530cdc62c635db6d20dc1c5218f98aef2930cc596e08d796ae7b959e9d6ad8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.AF8CA18F",
"virustotal": "https://www.virustotal.com/file/0c530cdc62c635db6d20dc1c5218f98aef2930cc596e08d796ae7b959e9d6ad8/analysis/1503061444/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0c530cdc62c635db6d20dc1c5218f98aef2930cc596e08d796ae7b959e9d6ad8"
},
{
"date": "08/18/2017 12:30:01",
"source": "cowrie 159.203.x.x",
"name": "6b7194e83ebdf0d72494e7e9a212f1ba9d5c7d751e9bfb6a7b0a88c6f2450a88",
"hash": "6b7194e83ebdf0d72494e7e9a212f1ba9d5c7d751e9bfb6a7b0a88c6f2450a88",
"type": "POSIX shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.A82380D0",
"virustotal": "https://www.virustotal.com/file/6b7194e83ebdf0d72494e7e9a212f1ba9d5c7d751e9bfb6a7b0a88c6f2450a88/analysis/1503012606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6b7194e83ebdf0d72494e7e9a212f1ba9d5c7d751e9bfb6a7b0a88c6f2450a88"
},
{
"date": "08/17/2017 19:50:01",
"source": "cowrie 159.203.x.x",
"name": "f7d2a379943fbd8148d6b08853d64ed21f8dd7dcd5bb913709dee95628ff4d32",
"hash": "f7d2a379943fbd8148d6b08853d64ed21f8dd7dcd5bb913709dee95628ff4d32",
"type": "Zip archive data, at least v1.0 to extract",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f7d2a379943fbd8148d6b08853d64ed21f8dd7dcd5bb913709dee95628ff4d32"
},
{
"date": "08/17/2017 19:50:01",
"source": "cowrie 159.203.x.x",
"name": "b933127dc657c8eb9c5003ac1ec9836f996af68f18607fdcbd8aea2b84b5bf24",
"hash": "b933127dc657c8eb9c5003ac1ec9836f996af68f18607fdcbd8aea2b84b5bf24",
"type": "HTML document, ASCII text, with very long lines",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b933127dc657c8eb9c5003ac1ec9836f996af68f18607fdcbd8aea2b84b5bf24/analysis/1503000006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b933127dc657c8eb9c5003ac1ec9836f996af68f18607fdcbd8aea2b84b5bf24"
},
{
"date": "08/17/2017 19:50:01",
"source": "cowrie 159.203.x.x",
"name": "21da67a2a7c6a94728fa4a458693c49f412ac36b3063e2fbc1e5f78774219b78",
"hash": "21da67a2a7c6a94728fa4a458693c49f412ac36b3063e2fbc1e5f78774219b78",
"type": "Python script, ASCII text executable, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/21da67a2a7c6a94728fa4a458693c49f412ac36b3063e2fbc1e5f78774219b78/analysis/1502442378/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/21da67a2a7c6a94728fa4a458693c49f412ac36b3063e2fbc1e5f78774219b78"
},
{
"date": "08/17/2017 16:05:01",
"source": "cowrie 159.203.x.x",
"name": "72717fb880dd60906b3cc699f4392b2a1d63a130ac79bc6580b504bfc17f1400",
"hash": "72717fb880dd60906b3cc699f4392b2a1d63a130ac79bc6580b504bfc17f1400",
"type": "ASCII text, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/72717fb880dd60906b3cc699f4392b2a1d63a130ac79bc6580b504bfc17f1400/analysis/1502826349/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/72717fb880dd60906b3cc699f4392b2a1d63a130ac79bc6580b504bfc17f1400"
},
{
"date": "08/17/2017 13:00:01",
"source": "cowrie 159.203.x.x",
"name": "e9d6c4b6ce81a29b7caec33a536d9a6667eb2932204bdb8c5317d9b7f9d6b190",
"hash": "e9d6c4b6ce81a29b7caec33a536d9a6667eb2932204bdb8c5317d9b7f9d6b190",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.7E072DD4",
"virustotal": "https://www.virustotal.com/file/e9d6c4b6ce81a29b7caec33a536d9a6667eb2932204bdb8c5317d9b7f9d6b190/analysis/1502973007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e9d6c4b6ce81a29b7caec33a536d9a6667eb2932204bdb8c5317d9b7f9d6b190"
},
{
"date": "08/17/2017 12:30:01",
"source": "cowrie 159.203.x.x",
"name": "195d9f69e771135bce33d1d14a2baf67510a7019fb648ce0422ce01aa97873dc",
"hash": "195d9f69e771135bce33d1d14a2baf67510a7019fb648ce0422ce01aa97873dc",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.285C16E1",
"virustotal": "https://www.virustotal.com/file/195d9f69e771135bce33d1d14a2baf67510a7019fb648ce0422ce01aa97873dc/analysis/1502973050/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/195d9f69e771135bce33d1d14a2baf67510a7019fb648ce0422ce01aa97873dc"
},
{
"date": "08/17/2017 03:05:01",
"source": "cowrie 159.203.x.x",
"name": "a8810a0cc3e0606ebcf2e0b4feb1f4084190ade50b7d15ccb1ebe94e7937d953",
"hash": "a8810a0cc3e0606ebcf2e0b4feb1f4084190ade50b7d15ccb1ebe94e7937d953",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.9C61C988",
"virustotal": "https://www.virustotal.com/file/a8810a0cc3e0606ebcf2e0b4feb1f4084190ade50b7d15ccb1ebe94e7937d953/analysis/1502939043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a8810a0cc3e0606ebcf2e0b4feb1f4084190ade50b7d15ccb1ebe94e7937d953"
},
{
"date": "08/17/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "12f034b641ce4e5145aaebecbaf672c3091a9b77ec5ae0afd01d35a3f59e5c22",
"hash": "12f034b641ce4e5145aaebecbaf672c3091a9b77ec5ae0afd01d35a3f59e5c22",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.6AA1197E",
"virustotal": "https://www.virustotal.com/file/12f034b641ce4e5145aaebecbaf672c3091a9b77ec5ae0afd01d35a3f59e5c22/analysis/1502938807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/12f034b641ce4e5145aaebecbaf672c3091a9b77ec5ae0afd01d35a3f59e5c22"
},
{
"date": "08/16/2017 19:40:01",
"source": "cowrie 159.203.x.x",
"name": "26e15f5dad252376dc49fb169790e9ea0c85996692fee4dd6fa5fd4f2819bb3f",
"hash": "26e15f5dad252376dc49fb169790e9ea0c85996692fee4dd6fa5fd4f2819bb3f",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.7CC9CD61",
"virustotal": "https://www.virustotal.com/file/26e15f5dad252376dc49fb169790e9ea0c85996692fee4dd6fa5fd4f2819bb3f/analysis/1502874007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/26e15f5dad252376dc49fb169790e9ea0c85996692fee4dd6fa5fd4f2819bb3f"
},
{
"date": "08/16/2017 19:00:02",
"source": "cowrie 159.203.x.x",
"name": "20170816185945_f47c1ca8f6dd_0_http___195_88_209_57_mariko_sh",
"hash": "26e15f5dad252376dc49fb169790e9ea0c85996692fee4dd6fa5fd4f2819bb3f",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.7CC9CD61",
"virustotal": "https://www.virustotal.com/file/26e15f5dad252376dc49fb169790e9ea0c85996692fee4dd6fa5fd4f2819bb3f/analysis/1502874007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170816185945_f47c1ca8f6dd_0_http___195_88_209_57_mariko_sh"
},
{
"date": "08/16/2017 18:20:01",
"source": "deonaea 159.203.x.x",
"name": "22c45e1d2d478a7c3310ff8e229c25a4",
"hash": "737a0c13eb8e2f1b2e9f9bd08a392c343bb27f45c8e2d3aecc97e70465c162ea",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.251489",
"virustotal": "https://www.virustotal.com/file/737a0c13eb8e2f1b2e9f9bd08a392c343bb27f45c8e2d3aecc97e70465c162ea/analysis/1502887155/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/22c45e1d2d478a7c3310ff8e229c25a4"
},
{
"date": "08/15/2017 21:00:01",
"source": "cowrie 159.203.x.x",
"name": "94ee059335e587e501cc4bf90613e0814f00a7b08bc7c648fd865a2af6a22cc2",
"hash": "94ee059335e587e501cc4bf90613e0814f00a7b08bc7c648fd865a2af6a22cc2",
"type": "ASCII text, with no line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/94ee059335e587e501cc4bf90613e0814f00a7b08bc7c648fd865a2af6a22cc2/analysis/1502823590/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/94ee059335e587e501cc4bf90613e0814f00a7b08bc7c648fd865a2af6a22cc2"
},
{
"date": "08/15/2017 03:00:01",
"source": "cowrie 159.203.x.x",
"name": "e1f3ff4ceaa6ae886a581c0f2664f5a1d847bdf190d2b652b7b6860d91edb392",
"hash": "e1f3ff4ceaa6ae886a581c0f2664f5a1d847bdf190d2b652b7b6860d91edb392",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/e1f3ff4ceaa6ae886a581c0f2664f5a1d847bdf190d2b652b7b6860d91edb392/analysis/1502762644/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e1f3ff4ceaa6ae886a581c0f2664f5a1d847bdf190d2b652b7b6860d91edb392"
},
{
"date": "08/15/2017 01:05:01",
"source": "cowrie 159.203.x.x",
"name": "4d30e9edb4b04a369f4d1e1c2b8a57b20ce921f0e1dd432126a5491f5471b76d",
"hash": "4d30e9edb4b04a369f4d1e1c2b8a57b20ce921f0e1dd432126a5491f5471b76d",
"type": "ASCII text, with very long lines",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/4d30e9edb4b04a369f4d1e1c2b8a57b20ce921f0e1dd432126a5491f5471b76d/analysis/1502370367/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4d30e9edb4b04a369f4d1e1c2b8a57b20ce921f0e1dd432126a5491f5471b76d"
},
{
"date": "08/14/2017 22:35:01",
"source": "deonaea 159.203.x.x",
"name": "1bda150b6499ef328e9f5210fc8a60b7",
"hash": "d69e3a0226a40cc905a20b5092f6169992c8b62912d823a70f5d93d680a80520",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.58276",
"virustotal": "https://www.virustotal.com/file/d69e3a0226a40cc905a20b5092f6169992c8b62912d823a70f5d93d680a80520/analysis/1502507041/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1bda150b6499ef328e9f5210fc8a60b7"
},
{
"date": "08/14/2017 13:50:01",
"source": "cowrie 159.203.x.x",
"name": "e02e3d15ff9aafb70185f2e5961e603ed5537446391dd669ebf0235f3bfda712",
"hash": "e02e3d15ff9aafb70185f2e5961e603ed5537446391dd669ebf0235f3bfda712",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/e02e3d15ff9aafb70185f2e5961e603ed5537446391dd669ebf0235f3bfda712/analysis/1502587825/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e02e3d15ff9aafb70185f2e5961e603ed5537446391dd669ebf0235f3bfda712"
},
{
"date": "08/14/2017 10:45:01",
"source": "deonaea 159.203.x.x",
"name": "201f0db3a2edb294d0cc79524a54e3d4",
"hash": "3b539e1f5a96760cbd086887df00390b065da9fa3d4cbf854db2646774153f37",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.A682B9A0",
"virustotal": "https://www.virustotal.com/file/3b539e1f5a96760cbd086887df00390b065da9fa3d4cbf854db2646774153f37/analysis/1502656304/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/201f0db3a2edb294d0cc79524a54e3d4"
},
{
"date": "08/13/2017 20:10:01",
"source": "cowrie 159.203.x.x",
"name": "18dd12499b26cfe330283a90d918ca351fdf51c824778141e1bcb14b77a11f3b",
"hash": "18dd12499b26cfe330283a90d918ca351fdf51c824778141e1bcb14b77a11f3b",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.027BF708",
"virustotal": "https://www.virustotal.com/file/18dd12499b26cfe330283a90d918ca351fdf51c824778141e1bcb14b77a11f3b/analysis/1502656206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/18dd12499b26cfe330283a90d918ca351fdf51c824778141e1bcb14b77a11f3b"
},
{
"date": "08/13/2017 18:30:01",
"source": "cowrie 159.203.x.x",
"name": "01d31237b7ac862e1d1444dad3949511f2dedf29480825543da79970bb4992de",
"hash": "01d31237b7ac862e1d1444dad3949511f2dedf29480825543da79970bb4992de",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.EF066DD6",
"virustotal": "https://www.virustotal.com/file/01d31237b7ac862e1d1444dad3949511f2dedf29480825543da79970bb4992de/analysis/1502627406/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/01d31237b7ac862e1d1444dad3949511f2dedf29480825543da79970bb4992de"
},
{
"date": "08/13/2017 08:45:01",
"source": "cowrie 159.203.x.x",
"name": "0d428a3f830002a6cd914b20212e179f25984bf61e185fa7ec2e932cf5269943",
"hash": "0d428a3f830002a6cd914b20212e179f25984bf61e185fa7ec2e932cf5269943",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/0d428a3f830002a6cd914b20212e179f25984bf61e185fa7ec2e932cf5269943/analysis/1501290366/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0d428a3f830002a6cd914b20212e179f25984bf61e185fa7ec2e932cf5269943"
},
{
"date": "08/13/2017 05:10:01",
"source": "cowrie 159.203.x.x",
"name": "df186bf960a901ddbcbbe5b8a3f37a652104718d99a8972b2ed7d85b1623ca7a",
"hash": "df186bf960a901ddbcbbe5b8a3f37a652104718d99a8972b2ed7d85b1623ca7a",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.12011514",
"virustotal": "https://www.virustotal.com/file/df186bf960a901ddbcbbe5b8a3f37a652104718d99a8972b2ed7d85b1623ca7a/analysis/1501985258/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/df186bf960a901ddbcbbe5b8a3f37a652104718d99a8972b2ed7d85b1623ca7a"
},
{
"date": "08/13/2017 04:45:01",
"source": "cowrie 159.203.x.x",
"name": "573daa66c899618e179ac7d5e556b8c73b3e77e02c6086bee3673c90b770ee36",
"hash": "573daa66c899618e179ac7d5e556b8c73b3e77e02c6086bee3673c90b770ee36",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.B6E3893D",
"virustotal": "https://www.virustotal.com/file/573daa66c899618e179ac7d5e556b8c73b3e77e02c6086bee3673c90b770ee36/analysis/1502535844/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/573daa66c899618e179ac7d5e556b8c73b3e77e02c6086bee3673c90b770ee36"
},
{
"date": "08/12/2017 21:30:01",
"source": "cowrie 159.203.x.x",
"name": "e725bb26310d0efdfac44094f8ecdac07f1d737aebf66e950a15cbeb88086ac6",
"hash": "e725bb26310d0efdfac44094f8ecdac07f1d737aebf66e950a15cbeb88086ac6",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/e725bb26310d0efdfac44094f8ecdac07f1d737aebf66e950a15cbeb88086ac6/analysis/1502571843/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e725bb26310d0efdfac44094f8ecdac07f1d737aebf66e950a15cbeb88086ac6"
},
{
"date": "08/12/2017 17:00:01",
"source": "deonaea 159.203.x.x",
"name": "4258a22f4c8a646f6d64401fb8d9fbe5",
"hash": "e02c07653adbe877496e145fa7a3091d5f8435c9791f6117119f8373bc0fca49",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.401735",
"virustotal": "https://www.virustotal.com/file/e02c07653adbe877496e145fa7a3091d5f8435c9791f6117119f8373bc0fca49/analysis/1502522257/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4258a22f4c8a646f6d64401fb8d9fbe5"
},
{
"date": "08/12/2017 13:40:01",
"source": "cowrie 159.203.x.x",
"name": "ef1f6d7d7aa87b1eb1324fc3045814c0e542aa6c3a9f8a2effeafeaaace595fa",
"hash": "ef1f6d7d7aa87b1eb1324fc3045814c0e542aa6c3a9f8a2effeafeaaace595fa",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.2A787A80",
"virustotal": "https://www.virustotal.com/file/ef1f6d7d7aa87b1eb1324fc3045814c0e542aa6c3a9f8a2effeafeaaace595fa/analysis/1502449572/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ef1f6d7d7aa87b1eb1324fc3045814c0e542aa6c3a9f8a2effeafeaaace595fa"
},
{
"date": "08/12/2017 08:35:01",
"source": "deonaea 159.203.x.x",
"name": "9f7c52579eee931f7f702aa724cfeb8c",
"hash": "fd9585cc81a4cabbabee7885bf149144e952171443c12c957a6b23b5e557c7a8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.398863",
"virustotal": "https://www.virustotal.com/file/fd9585cc81a4cabbabee7885bf149144e952171443c12c957a6b23b5e557c7a8/analysis/1502517691/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9f7c52579eee931f7f702aa724cfeb8c"
},
{
"date": "08/11/2017 08:00:01",
"source": "deonaea 159.203.x.x",
"name": "01d1bea59b155feb03399b70870c5cb4",
"hash": "205c4d514995a8b54d5b5240ec44b3b625354a8527426fb2a660de9c9d019b26",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Midie.39829",
"virustotal": "https://www.virustotal.com/file/205c4d514995a8b54d5b5240ec44b3b625354a8527426fb2a660de9c9d019b26/analysis/1502430829/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/01d1bea59b155feb03399b70870c5cb4"
},
{
"date": "08/11/2017 02:40:01",
"source": "cowrie 159.203.x.x",
"name": "83816b71bf4b3439f627e43bc4933ff6b1b4d9e6acba8aa35121099ae52fddf0",
"hash": "83816b71bf4b3439f627e43bc4933ff6b1b4d9e6acba8aa35121099ae52fddf0",
"type": "POSIX shell script, ASCII text executable, with CRLF line terminators",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/83816b71bf4b3439f627e43bc4933ff6b1b4d9e6acba8aa35121099ae52fddf0/analysis/1502345043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/83816b71bf4b3439f627e43bc4933ff6b1b4d9e6acba8aa35121099ae52fddf0"
},
{
"date": "08/11/2017 01:55:01",
"source": "deonaea 159.203.x.x",
"name": "a60b7c4d815fb56354240c817799e66d",
"hash": "256b0c2059ac9b512dd190ac83760c8b6e019a00484e763d2f50cafcc5d552e4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/256b0c2059ac9b512dd190ac83760c8b6e019a00484e763d2f50cafcc5d552e4/analysis/1502399174/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a60b7c4d815fb56354240c817799e66d"
},
{
"date": "08/11/2017 01:55:01",
"source": "deonaea 159.203.x.x",
"name": "7d67727677c531db74f356d4f60d5338",
"hash": "38ad20c78abaabe09f0cf26b586d710c9268868af1c02b4a8d242baee1887ba3",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/38ad20c78abaabe09f0cf26b586d710c9268868af1c02b4a8d242baee1887ba3/analysis/1502386697/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7d67727677c531db74f356d4f60d5338"
},
{
"date": "08/10/2017 06:25:01",
"source": "deonaea 159.203.x.x",
"name": "08453c78a4c4e608dac8afcda9793077",
"hash": "a486c688dbb0fbb21909476857f47ebf5d8afd9519e582fb45bc38d275971c88",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.49A7C3AC",
"virustotal": "https://www.virustotal.com/file/a486c688dbb0fbb21909476857f47ebf5d8afd9519e582fb45bc38d275971c88/analysis/1502338734/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/08453c78a4c4e608dac8afcda9793077"
},
{
"date": "08/09/2017 02:15:01",
"source": "deonaea 159.203.x.x",
"name": "d6362bdf13a789790e7cadcd110b9e4d",
"hash": "1dce77bcddf265fb61abaa92ccf30a93fc9831c82eafd3dec13bbe1f635f2666",
"type": "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",
"classification": "W32/Downloader-Web-based!Maximu",
"virustotal": "https://www.virustotal.com/file/1dce77bcddf265fb61abaa92ccf30a93fc9831c82eafd3dec13bbe1f635f2666/analysis/1489236078/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d6362bdf13a789790e7cadcd110b9e4d"
},
{
"date": "08/09/2017 00:45:01",
"source": "cowrie 159.203.x.x",
"name": "9558df28f3790b1201029f84fd377fe8b62f98a9e8096c079ce7d81897ab90ac",
"hash": "9558df28f3790b1201029f84fd377fe8b62f98a9e8096c079ce7d81897ab90ac",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/9558df28f3790b1201029f84fd377fe8b62f98a9e8096c079ce7d81897ab90ac/analysis/1502233443/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9558df28f3790b1201029f84fd377fe8b62f98a9e8096c079ce7d81897ab90ac"
},
{
"date": "08/08/2017 16:50:01",
"source": "deonaea 159.203.x.x",
"name": "eccb44e2a6cb4ece00f17f2a56d918f4",
"hash": "f63bc58b8211b84e9f0bd1529c7180801767f3aeb401944d8e87844169057835",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.55449",
"virustotal": "https://www.virustotal.com/file/f63bc58b8211b84e9f0bd1529c7180801767f3aeb401944d8e87844169057835/analysis/1500343612/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eccb44e2a6cb4ece00f17f2a56d918f4"
},
{
"date": "08/07/2017 17:30:01",
"source": "deonaea 159.203.x.x",
"name": "846c423ee8e6b1ca3edf5490a494227a",
"hash": "4162b540dce3c242da7d06870c4d9d1ffe8107c3f34f387f0be57c6fb15f50f5",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.GenericKD.5546466",
"virustotal": "https://www.virustotal.com/file/4162b540dce3c242da7d06870c4d9d1ffe8107c3f34f387f0be57c6fb15f50f5/analysis/1500578455/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/846c423ee8e6b1ca3edf5490a494227a"
},
{
"date": "08/07/2017 08:20:01",
"source": "cowrie 159.203.x.x",
"name": "62ef49123ed8bd1dd5601b8f203ac2fa7f0d43c95ecf7b76dcc1e5c76e4ed8ba",
"hash": "62ef49123ed8bd1dd5601b8f203ac2fa7f0d43c95ecf7b76dcc1e5c76e4ed8ba",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/62ef49123ed8bd1dd5601b8f203ac2fa7f0d43c95ecf7b76dcc1e5c76e4ed8ba/analysis/1502006645/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/62ef49123ed8bd1dd5601b8f203ac2fa7f0d43c95ecf7b76dcc1e5c76e4ed8ba"
},
{
"date": "08/07/2017 08:15:01",
"source": "cowrie 159.203.x.x",
"name": "9a346b95626ecf6d259079ca0e783463b86b682af59335b2524bb2e935ef4d16",
"hash": "9a346b95626ecf6d259079ca0e783463b86b682af59335b2524bb2e935ef4d16",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.D4D18BE6",
"virustotal": "https://www.virustotal.com/file/9a346b95626ecf6d259079ca0e783463b86b682af59335b2524bb2e935ef4d16/analysis/1502071443/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9a346b95626ecf6d259079ca0e783463b86b682af59335b2524bb2e935ef4d16"
},
{
"date": "08/07/2017 08:05:01",
"source": "cowrie 159.203.x.x",
"name": "43ac11104d3abb819445ddda5e2728823324a048d823fe797511be48c04d542c",
"hash": "43ac11104d3abb819445ddda5e2728823324a048d823fe797511be48c04d542c",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.58EF0F54",
"virustotal": "https://www.virustotal.com/file/43ac11104d3abb819445ddda5e2728823324a048d823fe797511be48c04d542c/analysis/1501247167/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/43ac11104d3abb819445ddda5e2728823324a048d823fe797511be48c04d542c"
},
{
"date": "08/06/2017 22:35:01",
"source": "cowrie 159.203.x.x",
"name": "60a6a3ab2ebda50a040b25621ad336140eef1c552263abf1906b4a4cf50e817c",
"hash": "60a6a3ab2ebda50a040b25621ad336140eef1c552263abf1906b4a4cf50e817c",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.BDB5AB23",
"virustotal": "https://www.virustotal.com/file/60a6a3ab2ebda50a040b25621ad336140eef1c552263abf1906b4a4cf50e817c/analysis/1501999567/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/60a6a3ab2ebda50a040b25621ad336140eef1c552263abf1906b4a4cf50e817c"
},
{
"date": "08/06/2017 19:15:01",
"source": "cowrie 159.203.x.x",
"name": "329e18f081111f343aa8ca8cba950a56423c997d0a44d14fc4ea0b32cb42619c",
"hash": "329e18f081111f343aa8ca8cba950a56423c997d0a44d14fc4ea0b32cb42619c",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Mirai.a",
"virustotal": "https://www.virustotal.com/file/329e18f081111f343aa8ca8cba950a56423c997d0a44d14fc4ea0b32cb42619c/analysis/1502046827/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/329e18f081111f343aa8ca8cba950a56423c997d0a44d14fc4ea0b32cb42619c"
},
{
"date": "08/06/2017 10:30:01",
"source": "cowrie 159.203.x.x",
"name": "db24ade75ab960e1d48ca4d7c56eb90e6c7dcfbe2cf4ebcdfe9553f5f582a1e9",
"hash": "db24ade75ab960e1d48ca4d7c56eb90e6c7dcfbe2cf4ebcdfe9553f5f582a1e9",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.06FD0788",
"virustotal": "https://www.virustotal.com/file/db24ade75ab960e1d48ca4d7c56eb90e6c7dcfbe2cf4ebcdfe9553f5f582a1e9/analysis/1501985170/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/db24ade75ab960e1d48ca4d7c56eb90e6c7dcfbe2cf4ebcdfe9553f5f582a1e9"
},
{
"date": "08/06/2017 09:30:01",
"source": "deonaea 159.203.x.x",
"name": "26c1bcdb4910bca4a832505d27f0d23e",
"hash": "36268ce2df8dc6887cc3e7b1b0b3cec3460956147c205bb656ad1d5097a3c4b8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.C",
"virustotal": "https://www.virustotal.com/file/36268ce2df8dc6887cc3e7b1b0b3cec3460956147c205bb656ad1d5097a3c4b8/analysis/1501955929/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/26c1bcdb4910bca4a832505d27f0d23e"
},
{
"date": "08/06/2017 09:30:01",
"source": "deonaea 159.203.x.x",
"name": "16b5bec618321daef93e58ec1eba7c51",
"hash": "5b5818b3a51362902911feb27360b04366dfd6d4846e9ec17ca45843f61e7dcb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.69069",
"virustotal": "https://www.virustotal.com/file/5b5818b3a51362902911feb27360b04366dfd6d4846e9ec17ca45843f61e7dcb/analysis/1501947246/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/16b5bec618321daef93e58ec1eba7c51"
},
{
"date": "08/06/2017 09:30:01",
"source": "deonaea 159.203.x.x",
"name": "10052360d8bc7b894ba82d85a0440a01",
"hash": "233e4402e7a4a5ecddff4ff7533dc13cbc2e4bb84123268bbef2a4512401f9c4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.C",
"virustotal": "https://www.virustotal.com/file/233e4402e7a4a5ecddff4ff7533dc13cbc2e4bb84123268bbef2a4512401f9c4/analysis/1501956030/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/10052360d8bc7b894ba82d85a0440a01"
},
{
"date": "08/06/2017 05:35:01",
"source": "deonaea 159.203.x.x",
"name": "0a2c841961c6b4b6b09a9bfc9a79a94c",
"hash": "2e3fbb5eea5e23c9ca42ee1639c555f43f9892c0a80ba9364c871624a483fdf4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Midie.34768",
"virustotal": "https://www.virustotal.com/file/2e3fbb5eea5e23c9ca42ee1639c555f43f9892c0a80ba9364c871624a483fdf4/analysis/1501924767/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0a2c841961c6b4b6b09a9bfc9a79a94c"
},
{
"date": "08/05/2017 18:50:01",
"source": "cowrie 159.203.x.x",
"name": "740e24085f1a968528c55daaf33f4b7ce382fd54ff1c6d25a63695d651999f7a",
"hash": "740e24085f1a968528c55daaf33f4b7ce382fd54ff1c6d25a63695d651999f7a",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Mirai.a",
"virustotal": "https://www.virustotal.com/file/740e24085f1a968528c55daaf33f4b7ce382fd54ff1c6d25a63695d651999f7a/analysis/1501937342/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/740e24085f1a968528c55daaf33f4b7ce382fd54ff1c6d25a63695d651999f7a"
},
{
"date": "08/05/2017 13:50:01",
"source": "cowrie 159.203.x.x",
"name": "4a67b1d02f67c783a0607a55e6fadd75884150695ea6ce4800991263b4ab60df",
"hash": "4a67b1d02f67c783a0607a55e6fadd75884150695ea6ce4800991263b4ab60df",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/4a67b1d02f67c783a0607a55e6fadd75884150695ea6ce4800991263b4ab60df/analysis/1501376642/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4a67b1d02f67c783a0607a55e6fadd75884150695ea6ce4800991263b4ab60df"
},
{
"date": "08/05/2017 00:00:01",
"source": "deonaea 159.203.x.x",
"name": "169f547395f772e450ba811b97a9e798",
"hash": "9946d6d2a061e6de59136f49e33722f35c312d9166774a1bfbf47a3defa52379",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/9946d6d2a061e6de59136f49e33722f35c312d9166774a1bfbf47a3defa52379/analysis/1501798696/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/169f547395f772e450ba811b97a9e798"
},
{
"date": "08/04/2017 21:45:01",
"source": "deonaea 159.203.x.x",
"name": "033f2173f21e7670a4a438a86b0a2cce",
"hash": "8d70971460676b3cf2e6b63386b4ebae2b3c7f0f102ce8b6a63075fb3739903d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.126536",
"virustotal": "https://www.virustotal.com/file/8d70971460676b3cf2e6b63386b4ebae2b3c7f0f102ce8b6a63075fb3739903d/analysis/1501859186/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/033f2173f21e7670a4a438a86b0a2cce"
},
{
"date": "08/04/2017 13:05:02",
"source": "cowrie 159.203.x.x",
"name": "f4572175a7052292177feb6455b20bd55447037752a81b30bd816d3033c3df3e",
"hash": "f4572175a7052292177feb6455b20bd55447037752a81b30bd816d3033c3df3e",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.FA5C6007",
"virustotal": "https://www.virustotal.com/file/f4572175a7052292177feb6455b20bd55447037752a81b30bd816d3033c3df3e/analysis/1501790643/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f4572175a7052292177feb6455b20bd55447037752a81b30bd816d3033c3df3e"
},
{
"date": "08/04/2017 13:00:01",
"source": "cowrie 159.203.x.x",
"name": "708e700f7442b54042d7bcb1cff0207265595627e481b79ebf5c2e0f70d1ddc3",
"hash": "708e700f7442b54042d7bcb1cff0207265595627e481b79ebf5c2e0f70d1ddc3",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.74D6027B",
"virustotal": "https://www.virustotal.com/file/708e700f7442b54042d7bcb1cff0207265595627e481b79ebf5c2e0f70d1ddc3/analysis/1501790646/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/708e700f7442b54042d7bcb1cff0207265595627e481b79ebf5c2e0f70d1ddc3"
},
{
"date": "08/04/2017 05:15:01",
"source": "cowrie 159.203.x.x",
"name": "76c99c2fb4783ff215f1c6e51d79d94b07ad1583d7affec3057f7f1a97c84204",
"hash": "76c99c2fb4783ff215f1c6e51d79d94b07ad1583d7affec3057f7f1a97c84204",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/76c99c2fb4783ff215f1c6e51d79d94b07ad1583d7affec3057f7f1a97c84204/analysis/1501823043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/76c99c2fb4783ff215f1c6e51d79d94b07ad1583d7affec3057f7f1a97c84204"
},
{
"date": "08/04/2017 05:15:01",
"source": "cowrie 159.203.x.x",
"name": "5e2ec78344f74f12287b8c7c8e6902a34fe70d14a42cd7fa0718573bfcae2992",
"hash": "5e2ec78344f74f12287b8c7c8e6902a34fe70d14a42cd7fa0718573bfcae2992",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.BE01BB4C",
"virustotal": "https://www.virustotal.com/file/5e2ec78344f74f12287b8c7c8e6902a34fe70d14a42cd7fa0718573bfcae2992/analysis/1501606710/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5e2ec78344f74f12287b8c7c8e6902a34fe70d14a42cd7fa0718573bfcae2992"
},
{
"date": "08/03/2017 23:40:01",
"source": "cowrie 159.203.x.x",
"name": "02ab39d5ef83ffd09e3774a67b783bfa345505d3cb86694c5b0f0c94980e5ae8",
"hash": "02ab39d5ef83ffd09e3774a67b783bfa345505d3cb86694c5b0f0c94980e5ae8",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/02ab39d5ef83ffd09e3774a67b783bfa345505d3cb86694c5b0f0c94980e5ae8/analysis/1501758812/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/02ab39d5ef83ffd09e3774a67b783bfa345505d3cb86694c5b0f0c94980e5ae8"
},
{
"date": "08/03/2017 19:50:01",
"source": "cowrie 159.203.x.x",
"name": "4bbc1877f06c5b562179c5b83e8e930bfc68427681ffedc2f8748fd332a8cb9a",
"hash": "4bbc1877f06c5b562179c5b83e8e930bfc68427681ffedc2f8748fd332a8cb9a",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Mirai.a",
"virustotal": "https://www.virustotal.com/file/4bbc1877f06c5b562179c5b83e8e930bfc68427681ffedc2f8748fd332a8cb9a/analysis/1501789008/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4bbc1877f06c5b562179c5b83e8e930bfc68427681ffedc2f8748fd332a8cb9a"
},
{
"date": "08/03/2017 19:30:01",
"source": "deonaea 159.203.x.x",
"name": "93f418aaee713ef0b373cf13253c8e41",
"hash": "dcdb84366de9249f6b31eeeb0b355b1687e09a8757fdc7c14b7ccae44f3f32a9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/dcdb84366de9249f6b31eeeb0b355b1687e09a8757fdc7c14b7ccae44f3f32a9/analysis/1501788606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/93f418aaee713ef0b373cf13253c8e41"
},
{
"date": "08/03/2017 13:35:01",
"source": "deonaea 159.203.x.x",
"name": "7a1a46ee84e1d2689317ef2f0999830f",
"hash": "0e6e23e8a8757ff06139f7835d659eab9ed405ff192d1f3227638dd159678493",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.Keylogger.2.C51E4859",
"virustotal": "https://www.virustotal.com/file/0e6e23e8a8757ff06139f7835d659eab9ed405ff192d1f3227638dd159678493/analysis/1501715826/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7a1a46ee84e1d2689317ef2f0999830f"
},
{
"date": "08/03/2017 09:30:01",
"source": "cowrie 159.203.x.x",
"name": "f5efc46fb45ca067c88641aaacac652fc9e87c7056534a7eda14d1b42353aeed",
"hash": "f5efc46fb45ca067c88641aaacac652fc9e87c7056534a7eda14d1b42353aeed",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.98179AC9",
"virustotal": "https://www.virustotal.com/file/f5efc46fb45ca067c88641aaacac652fc9e87c7056534a7eda14d1b42353aeed/analysis/1501424079/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f5efc46fb45ca067c88641aaacac652fc9e87c7056534a7eda14d1b42353aeed"
},
{
"date": "08/03/2017 02:35:01",
"source": "cowrie 159.203.x.x",
"name": "d59e73353697f248fc62ed3d7bd856c64d488d4319682fb9b0c6cf2fda1b5d2c",
"hash": "d59e73353697f248fc62ed3d7bd856c64d488d4319682fb9b0c6cf2fda1b5d2c",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/d59e73353697f248fc62ed3d7bd856c64d488d4319682fb9b0c6cf2fda1b5d2c/analysis/1501729206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d59e73353697f248fc62ed3d7bd856c64d488d4319682fb9b0c6cf2fda1b5d2c"
},
{
"date": "08/03/2017 00:45:01",
"source": "deonaea 159.203.x.x",
"name": "127ce8151e1631317f4eb39be3e15f53",
"hash": "7c55b5557a860a9e678fe709e2d5750463efd3bf061d57366aeb5b7abeb0edec",
"type": "MS-DOS executable, MZ for MS-DOS",
"classification": "Gen:Variant.Graftor.321611",
"virustotal": "https://www.virustotal.com/file/7c55b5557a860a9e678fe709e2d5750463efd3bf061d57366aeb5b7abeb0edec/analysis/1501565649/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/127ce8151e1631317f4eb39be3e15f53"
},
{
"date": "08/02/2017 14:30:01",
"source": "cowrie 159.203.x.x",
"name": "0b586e8c5fa2ced468a01d69067c833a2ca7cb21fc49ed3d98ecd2d675b9f8a6",
"hash": "0b586e8c5fa2ced468a01d69067c833a2ca7cb21fc49ed3d98ecd2d675b9f8a6",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.DD463132",
"virustotal": "https://www.virustotal.com/file/0b586e8c5fa2ced468a01d69067c833a2ca7cb21fc49ed3d98ecd2d675b9f8a6/analysis/1500144443/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0b586e8c5fa2ced468a01d69067c833a2ca7cb21fc49ed3d98ecd2d675b9f8a6"
},
{
"date": "08/02/2017 14:30:01",
"source": "cowrie 159.203.x.x",
"name": "09075dc6cc7a06f8bbdc2076104c838811dd1414c8ae7d45fb5096a3557106c7",
"hash": "09075dc6cc7a06f8bbdc2076104c838811dd1414c8ae7d45fb5096a3557106c7",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.7460E315",
"virustotal": "https://www.virustotal.com/file/09075dc6cc7a06f8bbdc2076104c838811dd1414c8ae7d45fb5096a3557106c7/analysis/1500144427/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/09075dc6cc7a06f8bbdc2076104c838811dd1414c8ae7d45fb5096a3557106c7"
},
{
"date": "08/02/2017 11:00:01",
"source": "deonaea 159.203.x.x",
"name": "400436dbbd0d666ea83c76f87bb0baa2",
"hash": "4daf1133ad9722e8949db50e8692791d977105f2b70a7831cfb6f10ec58ffd40",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.68767",
"virustotal": "https://www.virustotal.com/file/4daf1133ad9722e8949db50e8692791d977105f2b70a7831cfb6f10ec58ffd40/analysis/1501663307/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/400436dbbd0d666ea83c76f87bb0baa2"
},
{
"date": "08/02/2017 00:15:01",
"source": "deonaea 159.203.x.x",
"name": "786ff80edb366d73b338f3be43104502",
"hash": "c4aa075303d617a486086e927be6032c8163e21534cb872f6440134da8b0109d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.68767",
"virustotal": "https://www.virustotal.com/file/c4aa075303d617a486086e927be6032c8163e21534cb872f6440134da8b0109d/analysis/1501632019/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/786ff80edb366d73b338f3be43104502"
},
{
"date": "08/02/2017 00:08:05",
"source": "cowrie 159.203.x.x",
"name": "GHssfjfgvj",
"hash": "ebd43292c03c06b55769f3ee2bf27bcc4916256effa546ff98dc94a5ca8d225f",
"type": "ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped",
"classification": "Possible_BASHLITE.SMLBN2",
"virustotal": "https://www.virustotal.com/file/ebd43292c03c06b55769f3ee2bf27bcc4916256effa546ff98dc94a5ca8d225f/analysis/1501633604/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/GHssfjfgvj"
},
{
"date": "07/27/2017 04:20:01",
"source": "cowrie 159.203.x.x",
"name": "a2d4e8547a2a5d90db4bcda0727d6b9cf5f75c73b3c19e987f9e7efe1f8c3e6a",
"hash": "a2d4e8547a2a5d90db4bcda0727d6b9cf5f75c73b3c19e987f9e7efe1f8c3e6a",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.1C33CEF2",
"virustotal": "https://www.virustotal.com/file/a2d4e8547a2a5d90db4bcda0727d6b9cf5f75c73b3c19e987f9e7efe1f8c3e6a/analysis/1501129806/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a2d4e8547a2a5d90db4bcda0727d6b9cf5f75c73b3c19e987f9e7efe1f8c3e6a"
},
{
"date": "07/27/2017 02:45:01",
"source": "deonaea 192.241.x.x",
"name": "5e960ba61a82c5340650e2ce975bb4c9",
"hash": "1faff4cf4bfe0d40af1555dc2ca749c5a382197b51b327ad89c4734d6ba75ee3",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.Qy1@uiiCfPfi",
"virustotal": "https://www.virustotal.com/file/1faff4cf4bfe0d40af1555dc2ca749c5a382197b51b327ad89c4734d6ba75ee3/analysis/1501124408/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5e960ba61a82c5340650e2ce975bb4c9"
},
{
"date": "07/26/2017 19:00:01",
"source": "cowrie 159.203.x.x",
"name": "9e474106160d817b132d04bc3370dcd13f3df16a78ce3a43e40aa2bde1805ff2",
"hash": "9e474106160d817b132d04bc3370dcd13f3df16a78ce3a43e40aa2bde1805ff2",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Trojan.Downloader.BashAgent.YW",
"virustotal": "https://www.virustotal.com/file/9e474106160d817b132d04bc3370dcd13f3df16a78ce3a43e40aa2bde1805ff2/analysis/1495073864/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9e474106160d817b132d04bc3370dcd13f3df16a78ce3a43e40aa2bde1805ff2"
},
{
"date": "07/26/2017 16:40:01",
"source": "cowrie 159.203.x.x",
"name": "adfce72ebcb8cca066246ea341279cf26e9193bce2c638ae5092bca105de2f30",
"hash": "adfce72ebcb8cca066246ea341279cf26e9193bce2c638ae5092bca105de2f30",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.BA594849",
"virustotal": "https://www.virustotal.com/file/adfce72ebcb8cca066246ea341279cf26e9193bce2c638ae5092bca105de2f30/analysis/1501067050/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/adfce72ebcb8cca066246ea341279cf26e9193bce2c638ae5092bca105de2f30"
},
{
"date": "07/26/2017 12:15:01",
"source": "cowrie 159.203.x.x",
"name": "24154fb4ec3c1a7e2cc30e86d76685d3400a5ad747d795ea5bc05335f1bba03b",
"hash": "24154fb4ec3c1a7e2cc30e86d76685d3400a5ad747d795ea5bc05335f1bba03b",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.17F13250",
"virustotal": "https://www.virustotal.com/file/24154fb4ec3c1a7e2cc30e86d76685d3400a5ad747d795ea5bc05335f1bba03b/analysis/1501072206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/24154fb4ec3c1a7e2cc30e86d76685d3400a5ad747d795ea5bc05335f1bba03b"
},
{
"date": "07/26/2017 12:00:01",
"source": "cowrie 159.203.x.x",
"name": "94b59b4761147519fecf662cecba7219ac2f70682ae02685081a181758cb705f",
"hash": "94b59b4761147519fecf662cecba7219ac2f70682ae02685081a181758cb705f",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/94b59b4761147519fecf662cecba7219ac2f70682ae02685081a181758cb705f/analysis/1500781565/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/94b59b4761147519fecf662cecba7219ac2f70682ae02685081a181758cb705f"
},
{
"date": "07/26/2017 06:00:01",
"source": "cowrie 159.203.x.x",
"name": "f890859345cb1b1e2a7390b2c794aa80b8784fe67820225ab164207968e93486",
"hash": "f890859345cb1b1e2a7390b2c794aa80b8784fe67820225ab164207968e93486",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/f890859345cb1b1e2a7390b2c794aa80b8784fe67820225ab164207968e93486/analysis/1500998644/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f890859345cb1b1e2a7390b2c794aa80b8784fe67820225ab164207968e93486"
},
{
"date": "07/26/2017 02:45:01",
"source": "deonaea 192.241.x.x",
"name": "ea62aea563953ca6dc686a82d645c8e7",
"hash": "34b6384a58e6854c48fdbec68cb0adfa7468286e561e96f28c4b99ee42ae79b6",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.152115",
"virustotal": "https://www.virustotal.com/file/34b6384a58e6854c48fdbec68cb0adfa7468286e561e96f28c4b99ee42ae79b6/analysis/1500957467/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ea62aea563953ca6dc686a82d645c8e7"
},
{
"date": "07/26/2017 01:30:01",
"source": "deonaea 159.203.x.x",
"name": "ee4343a7ad3c9fcca23d96a3ba11a31d",
"hash": "b8ae3b1351423469ca6b324eb82e1b8af070fba36b740bdd4dcca7f175fea252",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.C",
"virustotal": "https://www.virustotal.com/file/b8ae3b1351423469ca6b324eb82e1b8af070fba36b740bdd4dcca7f175fea252/analysis/1501031134/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ee4343a7ad3c9fcca23d96a3ba11a31d"
},
{
"date": "07/26/2017 01:30:01",
"source": "deonaea 159.203.x.x",
"name": "14cf61abd678d080bcafbee9a27bfdbc",
"hash": "4e6a8870ee55b5481cfd27eac710a2a71f906f766c292f4034938e1f64db76ef",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.C",
"virustotal": "https://www.virustotal.com/file/4e6a8870ee55b5481cfd27eac710a2a71f906f766c292f4034938e1f64db76ef/analysis/1501032534/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/14cf61abd678d080bcafbee9a27bfdbc"
},
{
"date": "07/26/2017 00:45:01",
"source": "deonaea 159.203.x.x",
"name": "7561f95f0f001441634fdac906030b72",
"hash": "e35347b1bc4a3fdb5a795f2435dc7aeec4ec0fa616914eb2a815a0501f965275",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.B.6930BC22",
"virustotal": "https://www.virustotal.com/file/e35347b1bc4a3fdb5a795f2435dc7aeec4ec0fa616914eb2a815a0501f965275/analysis/1501027299/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7561f95f0f001441634fdac906030b72"
},
{
"date": "07/26/2017 00:45:01",
"source": "deonaea 159.203.x.x",
"name": "70894ef96231f052f4a21676f53f277f",
"hash": "00382a677330c5d9d5bfad89b60470d2e2da114fc4e8567c51c1bba008f6c852",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.55449",
"virustotal": "https://www.virustotal.com/file/00382a677330c5d9d5bfad89b60470d2e2da114fc4e8567c51c1bba008f6c852/analysis/1500856103/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/70894ef96231f052f4a21676f53f277f"
},
{
"date": "07/25/2017 19:20:01",
"source": "deonaea 159.203.x.x",
"name": "3463c506507899aa374d5085fd569490",
"hash": "eaea386fdc99da892851dd80aad7751034fa1a41e05c3196c45997892e434bb6",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.68272",
"virustotal": "https://www.virustotal.com/file/eaea386fdc99da892851dd80aad7751034fa1a41e05c3196c45997892e434bb6/analysis/1501008941/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3463c506507899aa374d5085fd569490"
},
{
"date": "07/25/2017 14:40:01",
"source": "deonaea 192.241.x.x",
"name": "1a8f6b3695bee966e9f75dbcfb2c5c98",
"hash": "00cc4e3731e8f8e35aa556c83e8cf3db305c0ce2283fed0f39b78d4c03a62747",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/00cc4e3731e8f8e35aa556c83e8cf3db305c0ce2283fed0f39b78d4c03a62747/analysis/1500994814/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1a8f6b3695bee966e9f75dbcfb2c5c98"
},
{
"date": "07/25/2017 12:50:01",
"source": "deonaea 159.203.x.x",
"name": "e8bf75510e7b1fe4d0187dee8248eb31",
"hash": "2d578ccaefb5322ba5e46eb2b40b2acf29ab9f881ea5cb46a59d9e22dc5ba060",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Razy.19935",
"virustotal": "https://www.virustotal.com/file/2d578ccaefb5322ba5e46eb2b40b2acf29ab9f881ea5cb46a59d9e22dc5ba060/analysis/1500633854/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e8bf75510e7b1fe4d0187dee8248eb31"
},
{
"date": "07/25/2017 12:50:01",
"source": "deonaea 159.203.x.x",
"name": "2f13acdf209fc83bc19d6b0026672963",
"hash": "51ae220216707a5ffee810913cdce703ddaf4dac719cfec3b77142a33de77a2a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.55503",
"virustotal": "https://www.virustotal.com/file/51ae220216707a5ffee810913cdce703ddaf4dac719cfec3b77142a33de77a2a/analysis/1500517113/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2f13acdf209fc83bc19d6b0026672963"
},
{
"date": "07/25/2017 10:40:01",
"source": "deonaea 192.241.x.x",
"name": "c4e0a5bba00000a045c6937e16065f24",
"hash": "ec531f63d38d03a27ba0b4c82438920674e7946fb1fd33ec06516cc7bdf3f5ef",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.61500",
"virustotal": "https://www.virustotal.com/file/ec531f63d38d03a27ba0b4c82438920674e7946fb1fd33ec06516cc7bdf3f5ef/analysis/1500963333/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c4e0a5bba00000a045c6937e16065f24"
},
{
"date": "07/24/2017 21:35:01",
"source": "deonaea 192.241.x.x",
"name": "http-mXD1Z8",
"hash": "73b573a61609aa706c0fc4855fe356c75096f8c34f6ad109180c145e8b7a5d87",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/73b573a61609aa706c0fc4855fe356c75096f8c34f6ad109180c145e8b7a5d87/analysis/1500933607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-mXD1Z8"
},
{
"date": "07/24/2017 21:15:01",
"source": "cowrie 159.203.x.x",
"name": "ef64576422f2d898394c20491c1a42c022b362461bd9d2b6a8e9177bb25c74c7",
"hash": "ef64576422f2d898394c20491c1a42c022b362461bd9d2b6a8e9177bb25c74c7",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.C00E9AD6",
"virustotal": "https://www.virustotal.com/file/ef64576422f2d898394c20491c1a42c022b362461bd9d2b6a8e9177bb25c74c7/analysis/1500931889/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ef64576422f2d898394c20491c1a42c022b362461bd9d2b6a8e9177bb25c74c7"
},
{
"date": "07/24/2017 21:15:01",
"source": "cowrie 159.203.x.x",
"name": "d37579ef8ece175b0368dd8d76da99950b8f10752b7485d3d85dd880e694560e",
"hash": "d37579ef8ece175b0368dd8d76da99950b8f10752b7485d3d85dd880e694560e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.D9AF5169",
"virustotal": "https://www.virustotal.com/file/d37579ef8ece175b0368dd8d76da99950b8f10752b7485d3d85dd880e694560e/analysis/1500931848/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d37579ef8ece175b0368dd8d76da99950b8f10752b7485d3d85dd880e694560e"
},
{
"date": "07/24/2017 21:10:01",
"source": "deonaea 192.241.x.x",
"name": "af09317971cc46ebf8affbad4c323372",
"hash": "dc09f353aa22afadd6d3908b935ea9da88278b3de6e31dd8be2a4e0634b4db0d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.173420",
"virustotal": "https://www.virustotal.com/file/dc09f353aa22afadd6d3908b935ea9da88278b3de6e31dd8be2a4e0634b4db0d/analysis/1500916573/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/af09317971cc46ebf8affbad4c323372"
},
{
"date": "07/24/2017 16:05:01",
"source": "deonaea 192.241.x.x",
"name": "9cf1579b2a6dda1ad37ab5ef8580a8d8",
"hash": "cce998eaec3a0264d5a8dc1e56878b7c96dc19ac4a6a58ab478c1bb57cebf0cd",
"type": "ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/cce998eaec3a0264d5a8dc1e56878b7c96dc19ac4a6a58ab478c1bb57cebf0cd/analysis/1490620110/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9cf1579b2a6dda1ad37ab5ef8580a8d8"
},
{
"date": "07/24/2017 14:30:01",
"source": "deonaea 159.203.x.x",
"name": "227e64c723264dee6005fdc623ebab98",
"hash": "10ff06a26c080ec5ebe20101f00b040ff3c97ddbd95f13e72e5823da8cc18458",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Graftor.169200",
"virustotal": "https://www.virustotal.com/file/10ff06a26c080ec5ebe20101f00b040ff3c97ddbd95f13e72e5823da8cc18458/analysis/1500906606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/227e64c723264dee6005fdc623ebab98"
},
{
"date": "07/24/2017 12:45:01",
"source": "cowrie 159.203.x.x",
"name": "94dfe329dc42b8ef12fc6eb2b3b318dda1fcaf0bc35ad9c1623f48d0395c8d8c",
"hash": "94dfe329dc42b8ef12fc6eb2b3b318dda1fcaf0bc35ad9c1623f48d0395c8d8c",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.DB63F0E5",
"virustotal": "https://www.virustotal.com/file/94dfe329dc42b8ef12fc6eb2b3b318dda1fcaf0bc35ad9c1623f48d0395c8d8c/analysis/1500373830/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/94dfe329dc42b8ef12fc6eb2b3b318dda1fcaf0bc35ad9c1623f48d0395c8d8c"
},
{
"date": "07/24/2017 12:45:01",
"source": "cowrie 159.203.x.x",
"name": "006c29f4554cb9806df55a7d7f81eaa526879448ef0347bfa0a697c3b7da627a",
"hash": "006c29f4554cb9806df55a7d7f81eaa526879448ef0347bfa0a697c3b7da627a",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.4895CA90",
"virustotal": "https://www.virustotal.com/file/006c29f4554cb9806df55a7d7f81eaa526879448ef0347bfa0a697c3b7da627a/analysis/1500375904/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/006c29f4554cb9806df55a7d7f81eaa526879448ef0347bfa0a697c3b7da627a"
},
{
"date": "07/24/2017 11:55:01",
"source": "deonaea 192.241.x.x",
"name": "2d4a7dd2b19ab4c8f1ca209c9bc35234",
"hash": "fa95990d31f46d7db8a87b8d431de847dae5f955bb4f6d80efa5d604fa7265d7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.341722AE",
"virustotal": "https://www.virustotal.com/file/fa95990d31f46d7db8a87b8d431de847dae5f955bb4f6d80efa5d604fa7265d7/analysis/1500753869/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2d4a7dd2b19ab4c8f1ca209c9bc35234"
},
{
"date": "07/24/2017 10:50:01",
"source": "cowrie 159.203.x.x",
"name": "2e979158d066a4e5324d831c56da95c733e009a5533a787b9a976b065f21c39a",
"hash": "2e979158d066a4e5324d831c56da95c733e009a5533a787b9a976b065f21c39a",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.69C3B870",
"virustotal": "https://www.virustotal.com/file/2e979158d066a4e5324d831c56da95c733e009a5533a787b9a976b065f21c39a/analysis/1500585945/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2e979158d066a4e5324d831c56da95c733e009a5533a787b9a976b065f21c39a"
},
{
"date": "07/23/2017 17:30:01",
"source": "cowrie 159.203.x.x",
"name": "7dcf6e128b6ba67060266339ece6a77f70abaa964d4f004354ae66a6998287a4",
"hash": "7dcf6e128b6ba67060266339ece6a77f70abaa964d4f004354ae66a6998287a4",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/7dcf6e128b6ba67060266339ece6a77f70abaa964d4f004354ae66a6998287a4/analysis/1496505140/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7dcf6e128b6ba67060266339ece6a77f70abaa964d4f004354ae66a6998287a4"
},
{
"date": "07/23/2017 01:20:01",
"source": "deonaea 192.241.x.x",
"name": "42b39e3f50727b778af0da0faafc30e6",
"hash": "723c93132bb5889c08106b875c1ae6f64ce3bc3d081b5b4d8c7c0f1f928134f7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Barys.1661",
"virustotal": "https://www.virustotal.com/file/723c93132bb5889c08106b875c1ae6f64ce3bc3d081b5b4d8c7c0f1f928134f7/analysis/1500612695/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/42b39e3f50727b778af0da0faafc30e6"
},
{
"date": "07/22/2017 19:10:01",
"source": "cowrie 159.203.x.x",
"name": "41c0e6efd029125a402d9a90b028209efb6fc56c74baf58f17f1764c887356e2",
"hash": "41c0e6efd029125a402d9a90b028209efb6fc56c74baf58f17f1764c887356e2",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/41c0e6efd029125a402d9a90b028209efb6fc56c74baf58f17f1764c887356e2/analysis/1500751848/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/41c0e6efd029125a402d9a90b028209efb6fc56c74baf58f17f1764c887356e2"
},
{
"date": "07/22/2017 19:05:01",
"source": "cowrie 159.203.x.x",
"name": "d138075fc35ec9c4580cc009fb3c2659d33bd34f40e3621c831a263532f17825",
"hash": "d138075fc35ec9c4580cc009fb3c2659d33bd34f40e3621c831a263532f17825",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F327EFAA",
"virustotal": "https://www.virustotal.com/file/d138075fc35ec9c4580cc009fb3c2659d33bd34f40e3621c831a263532f17825/analysis/1500738465/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d138075fc35ec9c4580cc009fb3c2659d33bd34f40e3621c831a263532f17825"
},
{
"date": "07/22/2017 17:50:01",
"source": "deonaea 192.241.x.x",
"name": "9822c83371bcee064892a2d0125c2b3e",
"hash": "b81f9c8388c5c644a2375d6e1fc38395fd8a9d279cabeedf8437bd3848cc6a4a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/b81f9c8388c5c644a2375d6e1fc38395fd8a9d279cabeedf8437bd3848cc6a4a/analysis/1500582812/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9822c83371bcee064892a2d0125c2b3e"
},
{
"date": "07/22/2017 17:50:01",
"source": "deonaea 192.241.x.x",
"name": "64524a108bf6df6575c7a8e9c734d91d",
"hash": "36e78cd7a50adb132f44439ff1d0797355bd213ab0041fa0edfe968171da375f",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/36e78cd7a50adb132f44439ff1d0797355bd213ab0041fa0edfe968171da375f/analysis/1500714935/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/64524a108bf6df6575c7a8e9c734d91d"
},
{
"date": "07/22/2017 15:00:01",
"source": "cowrie 159.203.x.x",
"name": "d640ba3de97dde44312fa1a14e8cab90868096b12ffbed24efcc7e1c0a57266d",
"hash": "d640ba3de97dde44312fa1a14e8cab90868096b12ffbed24efcc7e1c0a57266d",
"type": "HTML document, ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/d640ba3de97dde44312fa1a14e8cab90868096b12ffbed24efcc7e1c0a57266d/analysis/1500735648/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d640ba3de97dde44312fa1a14e8cab90868096b12ffbed24efcc7e1c0a57266d"
},
{
"date": "07/22/2017 15:00:01",
"source": "cowrie 159.203.x.x",
"name": "35491c98b2e7c55cef889bdad3574019fcba3eec33817bdcff9524de77baf41e",
"hash": "35491c98b2e7c55cef889bdad3574019fcba3eec33817bdcff9524de77baf41e",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/35491c98b2e7c55cef889bdad3574019fcba3eec33817bdcff9524de77baf41e/analysis/1500735470/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/35491c98b2e7c55cef889bdad3574019fcba3eec33817bdcff9524de77baf41e"
},
{
"date": "07/22/2017 14:55:01",
"source": "cowrie 159.203.x.x",
"name": "bbd20572592a6cf69fd31e3707f9be4d79818c1d6fca25c53417262f73f30c13",
"hash": "bbd20572592a6cf69fd31e3707f9be4d79818c1d6fca25c53417262f73f30c13",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/bbd20572592a6cf69fd31e3707f9be4d79818c1d6fca25c53417262f73f30c13/analysis/1472728387/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bbd20572592a6cf69fd31e3707f9be4d79818c1d6fca25c53417262f73f30c13"
},
{
"date": "07/22/2017 14:30:01",
"source": "cowrie 159.203.x.x",
"name": "56becb29e27ef288f9065e8c0adc36fa33bf96bf07a527b24f04d36df7971aae",
"hash": "56becb29e27ef288f9065e8c0adc36fa33bf96bf07a527b24f04d36df7971aae",
"type": "POSIX shell script, ASCII text executable, with CRLF line terminators",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/56becb29e27ef288f9065e8c0adc36fa33bf96bf07a527b24f04d36df7971aae/analysis/1500733710/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/56becb29e27ef288f9065e8c0adc36fa33bf96bf07a527b24f04d36df7971aae"
},
{
"date": "07/22/2017 13:00:01",
"source": "cowrie 159.203.x.x",
"name": "aed8fe28b8588b1f004873c1a2a76e5ae1aae538c84d58626c7d1245be894b8f",
"hash": "aed8fe28b8588b1f004873c1a2a76e5ae1aae538c84d58626c7d1245be894b8f",
"type": "ASCII text",
"classification": "BV:Downloader-JY [Drp]",
"virustotal": "https://www.virustotal.com/file/aed8fe28b8588b1f004873c1a2a76e5ae1aae538c84d58626c7d1245be894b8f/analysis/1497298101/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/aed8fe28b8588b1f004873c1a2a76e5ae1aae538c84d58626c7d1245be894b8f"
},
{
"date": "07/22/2017 11:00:01",
"source": "deonaea 159.203.x.x",
"name": "cdf4f36260549df807f21ed17dbeb630",
"hash": "3b40c4406b48811800f9641cde1bcc43df64b4cd39ae892f2a2ba7b3b101442d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65839",
"virustotal": "https://www.virustotal.com/file/3b40c4406b48811800f9641cde1bcc43df64b4cd39ae892f2a2ba7b3b101442d/analysis/1500524637/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cdf4f36260549df807f21ed17dbeb630"
},
{
"date": "07/22/2017 05:10:01",
"source": "deonaea 192.241.x.x",
"name": "eb6ee085fb89027279ab53e1c6bc91e0",
"hash": "0dae51a37dbe85e76de2fc0e48d427cbb6643858c7da154d84b19811e0c54d7d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32:Malware-gen",
"virustotal": "https://www.virustotal.com/file/0dae51a37dbe85e76de2fc0e48d427cbb6643858c7da154d84b19811e0c54d7d/analysis/1500678526/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eb6ee085fb89027279ab53e1c6bc91e0"
},
{
"date": "07/22/2017 05:10:01",
"source": "deonaea 192.241.x.x",
"name": "a74766869b86277e6de5d7f0a3094ceb",
"hash": "fa92721e0cdaa08b6d15445432bec4e140ab40a4bcd54c40ed730fca42064f5b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Kazy.10035",
"virustotal": "https://www.virustotal.com/file/fa92721e0cdaa08b6d15445432bec4e140ab40a4bcd54c40ed730fca42064f5b/analysis/1500661822/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a74766869b86277e6de5d7f0a3094ceb"
},
{
"date": "07/22/2017 03:40:01",
"source": "cowrie 159.203.x.x",
"name": "8306118c1564f58c3f1527d3baf9820518a4848a43e0538126aea8a34a5db1b0",
"hash": "8306118c1564f58c3f1527d3baf9820518a4848a43e0538126aea8a34a5db1b0",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/8306118c1564f58c3f1527d3baf9820518a4848a43e0538126aea8a34a5db1b0/analysis/1500696006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8306118c1564f58c3f1527d3baf9820518a4848a43e0538126aea8a34a5db1b0"
},
{
"date": "07/21/2017 16:00:01",
"source": "deonaea 159.203.x.x",
"name": "6521a92292ce620a276fc7209dc016de",
"hash": "656c6324142ebbc7184792130f9299c6e2a0bfc451f2609ca5947d2bcc5cb288",
"type": "ASCII text, with CRLF line terminators",
"classification": "Trojan.Script.474857",
"virustotal": "https://www.virustotal.com/file/656c6324142ebbc7184792130f9299c6e2a0bfc451f2609ca5947d2bcc5cb288/analysis/1494519226/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6521a92292ce620a276fc7209dc016de"
},
{
"date": "07/21/2017 14:40:01",
"source": "cowrie 159.203.x.x",
"name": "8bae5dd45e1b621b781ad4f5d4f9e1ab50bfb6fb6a41c09ca8424f019ac02bc1",
"hash": "8bae5dd45e1b621b781ad4f5d4f9e1ab50bfb6fb6a41c09ca8424f019ac02bc1",
"type": "Python script, ASCII text executable, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/8bae5dd45e1b621b781ad4f5d4f9e1ab50bfb6fb6a41c09ca8424f019ac02bc1/analysis/1500649207/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8bae5dd45e1b621b781ad4f5d4f9e1ab50bfb6fb6a41c09ca8424f019ac02bc1"
},
{
"date": "07/21/2017 14:10:01",
"source": "deonaea 192.241.x.x",
"name": "c97a51579408490bef8fe843f7171f00",
"hash": "d78153cfbb65b15e0a5e335734741a2e5c2eb427679c641d81306ca41390ab43",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/d78153cfbb65b15e0a5e335734741a2e5c2eb427679c641d81306ca41390ab43/analysis/1500592412/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c97a51579408490bef8fe843f7171f00"
},
{
"date": "07/21/2017 14:10:01",
"source": "deonaea 192.241.x.x",
"name": "9a0d8d0ce13957ba6f9f20297377df0c",
"hash": "a79f9d7d09aad85fe9958883ca6f0a0915d7d46f83c66008988912196d311956",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "UDS:DangerousObject.Multi.Generic",
"virustotal": "https://www.virustotal.com/file/a79f9d7d09aad85fe9958883ca6f0a0915d7d46f83c66008988912196d311956/analysis/1500583277/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9a0d8d0ce13957ba6f9f20297377df0c"
},
{
"date": "07/21/2017 11:20:01",
"source": "deonaea 159.203.x.x",
"name": "eebf3d63bc995b3dda4988670751bfb8",
"hash": "26d3841cb8b67e8913b01f6a204217ea1cf52f33d50649428bc261ad85997db9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Dropped:Trojan.VBS.UNN",
"virustotal": "https://www.virustotal.com/file/26d3841cb8b67e8913b01f6a204217ea1cf52f33d50649428bc261ad85997db9/analysis/1500578225/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eebf3d63bc995b3dda4988670751bfb8"
},
{
"date": "07/21/2017 11:15:01",
"source": "deonaea 159.203.x.x",
"name": "fbe9c2aee3fef457ec9bf1f440d5f81b",
"hash": "965298daa779091ab50b1e0923fb89593b78bd02d0ab818a01b4577ac0147156",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Dropped:Trojan.VBS.UNN",
"virustotal": "https://www.virustotal.com/file/965298daa779091ab50b1e0923fb89593b78bd02d0ab818a01b4577ac0147156/analysis/1500636648/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fbe9c2aee3fef457ec9bf1f440d5f81b"
},
{
"date": "07/21/2017 11:15:01",
"source": "deonaea 159.203.x.x",
"name": "21a9ac0b2c24a45823e27ab34a994eea",
"hash": "a8ca7e74c1c1789cf30fc3a6b3c0b148f1dfa5cac498eca547124ffd476d8102",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Dropped:Trojan.VBS.UNN",
"virustotal": "https://www.virustotal.com/file/a8ca7e74c1c1789cf30fc3a6b3c0b148f1dfa5cac498eca547124ffd476d8102/analysis/1500636607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/21a9ac0b2c24a45823e27ab34a994eea"
},
{
"date": "07/21/2017 09:45:01",
"source": "deonaea 159.203.x.x",
"name": "e23cb5945546eedcbe35d45db8aef67f",
"hash": "c91d1520d4e88f1d3eb3d5ba00bf21530fac979ec7cec4256f12c1664f4d6925",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.389234",
"virustotal": "https://www.virustotal.com/file/c91d1520d4e88f1d3eb3d5ba00bf21530fac979ec7cec4256f12c1664f4d6925/analysis/1500606739/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e23cb5945546eedcbe35d45db8aef67f"
},
{
"date": "07/21/2017 05:00:01",
"source": "deonaea 159.203.x.x",
"name": "903b591da5dfc0268b062ac16b4dee31",
"hash": "12a6b5c461c57b29a30dd9eba79ebbbe6aaec9538020e0b3d8f4ce6feeee5ec7",
"type": "data",
"classification": "Worm.Generic.230976",
"virustotal": "https://www.virustotal.com/file/12a6b5c461c57b29a30dd9eba79ebbbe6aaec9538020e0b3d8f4ce6feeee5ec7/analysis/1500609868/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/903b591da5dfc0268b062ac16b4dee31"
},
{
"date": "07/21/2017 03:55:01",
"source": "cowrie 159.203.x.x",
"name": "d1497b0d40e093210e818d0906feb5d7f54e12fa7f611bff226ed9c28981dbde",
"hash": "d1497b0d40e093210e818d0906feb5d7f54e12fa7f611bff226ed9c28981dbde",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.D8B3BE31",
"virustotal": "https://www.virustotal.com/file/d1497b0d40e093210e818d0906feb5d7f54e12fa7f611bff226ed9c28981dbde/analysis/1500397729/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d1497b0d40e093210e818d0906feb5d7f54e12fa7f611bff226ed9c28981dbde"
},
{
"date": "07/21/2017 03:55:01",
"source": "cowrie 159.203.x.x",
"name": "74ac18f1094e8560f6b062f05fb84128ddb06363dddd75e79a124775c5ff28c7",
"hash": "74ac18f1094e8560f6b062f05fb84128ddb06363dddd75e79a124775c5ff28c7",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.DD1F3D82",
"virustotal": "https://www.virustotal.com/file/74ac18f1094e8560f6b062f05fb84128ddb06363dddd75e79a124775c5ff28c7/analysis/1500398081/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/74ac18f1094e8560f6b062f05fb84128ddb06363dddd75e79a124775c5ff28c7"
},
{
"date": "07/21/2017 01:00:02",
"source": "cowrie 159.203.x.x",
"name": "5839417cc0c8a505825a55cab84cbcf81d3bbb89c8922dcaa15737ebb4cb0518",
"hash": "5839417cc0c8a505825a55cab84cbcf81d3bbb89c8922dcaa15737ebb4cb0518",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.020336EA",
"virustotal": "https://www.virustotal.com/file/5839417cc0c8a505825a55cab84cbcf81d3bbb89c8922dcaa15737ebb4cb0518/analysis/1499598580/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5839417cc0c8a505825a55cab84cbcf81d3bbb89c8922dcaa15737ebb4cb0518"
},
{
"date": "07/20/2017 19:45:01",
"source": "deonaea 159.203.x.x",
"name": "2d8e7db5ad0cc5ed23d2d3b0579226d4",
"hash": "89704af7f7b049e495f6255212d79450ff42036e8a6b7adea620721b588263fb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/89704af7f7b049e495f6255212d79450ff42036e8a6b7adea620721b588263fb/analysis/1500446892/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2d8e7db5ad0cc5ed23d2d3b0579226d4"
},
{
"date": "07/20/2017 17:20:01",
"source": "deonaea 159.203.x.x",
"name": "63855ded640246757df10a5a46ee6109",
"hash": "513521d25250a584144d27ff0d0950714b2d2459f9d91b07ba9f0bf24e458700",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.340943",
"virustotal": "https://www.virustotal.com/file/513521d25250a584144d27ff0d0950714b2d2459f9d91b07ba9f0bf24e458700/analysis/1500551815/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/63855ded640246757df10a5a46ee6109"
},
{
"date": "07/20/2017 16:45:01",
"source": "deonaea 192.241.x.x",
"name": "http-9oPUDK",
"hash": "f099494a283d8993ebaeda887bb2ed7298627d61a9c5d53fd4e8d242c1c682e1",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Kazy.2923",
"virustotal": "https://www.virustotal.com/file/f099494a283d8993ebaeda887bb2ed7298627d61a9c5d53fd4e8d242c1c682e1/analysis/1409394436/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-9oPUDK"
},
{
"date": "07/20/2017 14:00:01",
"source": "deonaea 192.241.x.x",
"name": "49f6bb9dc62521d42ea0d6cac534b57a",
"hash": "fa95b571fc2575dcd96389d7964aec1c0bf8626eb087c030d28dbfee6bbb2126",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/fa95b571fc2575dcd96389d7964aec1c0bf8626eb087c030d28dbfee6bbb2126/analysis/1500475667/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/49f6bb9dc62521d42ea0d6cac534b57a"
},
{
"date": "07/20/2017 09:20:01",
"source": "deonaea 192.241.x.x",
"name": "5bb27384f186bf4b73437712074b8cfe",
"hash": "a7bae398f4605c847136b8a0922a859eb561aa55857d265645636c858adf2664",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/a7bae398f4605c847136b8a0922a859eb561aa55857d265645636c858adf2664/analysis/1500540873/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5bb27384f186bf4b73437712074b8cfe"
},
{
"date": "07/20/2017 01:00:01",
"source": "deonaea 159.203.x.x",
"name": "780e68bc4dbc834725ab222b2e6d39b7",
"hash": "b50d119693b4e8d0fdab695ed7b54e6054503b03f422e9600e4bc0dbf05e9c29",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.340943",
"virustotal": "https://www.virustotal.com/file/b50d119693b4e8d0fdab695ed7b54e6054503b03f422e9600e4bc0dbf05e9c29/analysis/1500502555/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/780e68bc4dbc834725ab222b2e6d39b7"
},
{
"date": "07/19/2017 23:50:01",
"source": "deonaea 192.241.x.x",
"name": "52f4cc475bb2d26643911e24a0fbcd2e",
"hash": "33b840aad4985d882b0c3f693b2f809b6f90f3ad5824db70f8721ade9befe1f2",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Heur.RI.1",
"virustotal": "https://www.virustotal.com/file/33b840aad4985d882b0c3f693b2f809b6f90f3ad5824db70f8721ade9befe1f2/analysis/1500490497/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/52f4cc475bb2d26643911e24a0fbcd2e"
},
{
"date": "07/19/2017 23:50:01",
"source": "deonaea 192.241.x.x",
"name": "033438e83f7195912faa9b0058760b49",
"hash": "ef7ac83aadde88745fcfb68c716360ee9f5c363077c4c329ffe7da3ef21e54b7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed",
"classification": "Trojan.GenericKD.5045544",
"virustotal": "https://www.virustotal.com/file/ef7ac83aadde88745fcfb68c716360ee9f5c363077c4c329ffe7da3ef21e54b7/analysis/1495573805/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/033438e83f7195912faa9b0058760b49"
},
{
"date": "07/19/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "20170719-154721-9123527f1e42-0-redir__etc_rc_local",
"hash": "80c083eea9c9c7500dcb6507f21693eb9898d6f1c7e3513eb8e5dc1732cf8db6",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/80c083eea9c9c7500dcb6507f21693eb9898d6f1c7e3513eb8e5dc1732cf8db6/analysis/1500480094/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/20170719-154721-9123527f1e42-0-redir__etc_rc_local"
},
{
"date": "07/19/2017 16:00:01",
"source": "cowrie 159.203.x.x",
"name": "797ac7df7463fb009808a682fee625035ecb710bb2b417bdf7e703573654cb7e",
"hash": "797ac7df7463fb009808a682fee625035ecb710bb2b417bdf7e703573654cb7e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F8122B6D",
"virustotal": "https://www.virustotal.com/file/797ac7df7463fb009808a682fee625035ecb710bb2b417bdf7e703573654cb7e/analysis/1497894440/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/797ac7df7463fb009808a682fee625035ecb710bb2b417bdf7e703573654cb7e"
},
{
"date": "07/19/2017 15:50:01",
"source": "cowrie 159.203.x.x",
"name": "23a91d190440fc1c4a8889e2359d593716497f78b71f421365b9bdd1772abcec",
"hash": "23a91d190440fc1c4a8889e2359d593716497f78b71f421365b9bdd1772abcec",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped",
"classification": "Trojan.Agent.Linux.A",
"virustotal": "https://www.virustotal.com/file/23a91d190440fc1c4a8889e2359d593716497f78b71f421365b9bdd1772abcec/analysis/1500280025/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/23a91d190440fc1c4a8889e2359d593716497f78b71f421365b9bdd1772abcec"
},
{
"date": "07/19/2017 15:25:01",
"source": "deonaea 159.203.x.x",
"name": "dee83c0aac79cf4787f88e53738f6c79",
"hash": "325af110699d4a5b7f65bd2d1f81fbd1be97a2c41f1acc4108db0832754f69ff",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.62196",
"virustotal": "https://www.virustotal.com/file/325af110699d4a5b7f65bd2d1f81fbd1be97a2c41f1acc4108db0832754f69ff/analysis/1500462204/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dee83c0aac79cf4787f88e53738f6c79"
},
{
"date": "07/18/2017 18:10:01",
"source": "deonaea 159.203.x.x",
"name": "8a9fb87ca36c5a5d4580c1926677e7ba",
"hash": "6097431f1450d84580da6dc40d41d85c0110e2d8d5da98d20dbeba1aa13f3c86",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.31972",
"virustotal": "https://www.virustotal.com/file/6097431f1450d84580da6dc40d41d85c0110e2d8d5da98d20dbeba1aa13f3c86/analysis/1500186162/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8a9fb87ca36c5a5d4580c1926677e7ba"
},
{
"date": "07/18/2017 16:15:01",
"source": "cowrie 159.203.x.x",
"name": "e62bd712ae109fcb731b4ddcf5969325b3929fb59f976b1db6bfbdb4f8e2311e",
"hash": "e62bd712ae109fcb731b4ddcf5969325b3929fb59f976b1db6bfbdb4f8e2311e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.562BD7EC",
"virustotal": "https://www.virustotal.com/file/e62bd712ae109fcb731b4ddcf5969325b3929fb59f976b1db6bfbdb4f8e2311e/analysis/1499703006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e62bd712ae109fcb731b4ddcf5969325b3929fb59f976b1db6bfbdb4f8e2311e"
},
{
"date": "07/18/2017 14:25:01",
"source": "deonaea 159.203.x.x",
"name": "1811285337a25c9e1f1a67452cbdf405",
"hash": "8152b1e1f3cacb9d8a631b40278e22cfd8f113d22206f44c782f207bb789f714",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Graftor.212189",
"virustotal": "https://www.virustotal.com/file/8152b1e1f3cacb9d8a631b40278e22cfd8f113d22206f44c782f207bb789f714/analysis/1499924544/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1811285337a25c9e1f1a67452cbdf405"
},
{
"date": "07/18/2017 12:30:01",
"source": "deonaea 192.241.x.x",
"name": "4267db22761f0a1923a96866aefc5533",
"hash": "237cdeea164bc68b53fffffd6ca8c0d37318ca9a70ccb418abd85a612980945b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zegost.6",
"virustotal": "https://www.virustotal.com/file/237cdeea164bc68b53fffffd6ca8c0d37318ca9a70ccb418abd85a612980945b/analysis/1498979664/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4267db22761f0a1923a96866aefc5533"
},
{
"date": "07/12/2017 00:20:01",
"source": "deonaea 192.241.x.x",
"name": "smb-ay2rbatu.tmp",
"hash": "f1e2de87293afbc0725518f30116c8488548359cbb2275db4bb2b45d73c92349",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-ay2rbatu.tmp"
},
{
"date": "07/11/2017 18:10:01",
"source": "deonaea 192.241.x.x",
"name": "f10bfe74b97bf785207038774a4064dc",
"hash": "b4cf25e434bb7ac579bf966875f462d68973a5851c5e2af214c18084200a2b99",
"type": "ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b4cf25e434bb7ac579bf966875f462d68973a5851c5e2af214c18084200a2b99/analysis/1499795594/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f10bfe74b97bf785207038774a4064dc"
},
{
"date": "07/11/2017 11:00:01",
"source": "cowrie 159.203.x.x",
"name": "8f4d1460fdd209b9540d0e2c7ac06675f2d4c72d532fb53f77dca13380cd304b",
"hash": "8f4d1460fdd209b9540d0e2c7ac06675f2d4c72d532fb53f77dca13380cd304b",
"type": "ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), dynamically linked, interpreter /lib/ld-uClibc.so.0, not stripped",
"classification": "HEUR:Backdoor.Linux.Gafgyt.ba",
"virustotal": "https://www.virustotal.com/file/8f4d1460fdd209b9540d0e2c7ac06675f2d4c72d532fb53f77dca13380cd304b/analysis/1499716313/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8f4d1460fdd209b9540d0e2c7ac06675f2d4c72d532fb53f77dca13380cd304b"
},
{
"date": "07/11/2017 03:45:01",
"source": "deonaea 159.203.x.x",
"name": "1398a1fe6fde28200077650b9c1df8a7",
"hash": "379fc7da73f4db5de76b6dcdb4eea4c892e793fdff583628ffd5193d96e80776",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Trojan.GenericKD.12001439",
"virustotal": "https://www.virustotal.com/file/379fc7da73f4db5de76b6dcdb4eea4c892e793fdff583628ffd5193d96e80776/analysis/1499717862/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1398a1fe6fde28200077650b9c1df8a7"
},
{
"date": "07/11/2017 03:00:01",
"source": "deonaea 159.203.x.x",
"name": "smb-vfwhlm26.tmp",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1499659306/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-vfwhlm26.tmp"
},
{
"date": "07/10/2017 20:40:01",
"source": "deonaea 192.241.x.x",
"name": "faba7887fd5778c1971e09280d1e2705",
"hash": "ce11226caf6a8d208e5d0a49a639fb320659279175b5df8167d334e715b95b20",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.C04AF154",
"virustotal": "https://www.virustotal.com/file/ce11226caf6a8d208e5d0a49a639fb320659279175b5df8167d334e715b95b20/analysis/1499716541/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/faba7887fd5778c1971e09280d1e2705"
},
{
"date": "07/10/2017 17:00:01",
"source": "cowrie 159.203.x.x",
"name": "0f144e03022b4c0fdbcda53d21be400830f3fe37b7977753c7e41bd360e6d9a3",
"hash": "0f144e03022b4c0fdbcda53d21be400830f3fe37b7977753c7e41bd360e6d9a3",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.2AE5F1AA",
"virustotal": "https://www.virustotal.com/file/0f144e03022b4c0fdbcda53d21be400830f3fe37b7977753c7e41bd360e6d9a3/analysis/1499428806/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0f144e03022b4c0fdbcda53d21be400830f3fe37b7977753c7e41bd360e6d9a3"
},
{
"date": "07/10/2017 15:00:01",
"source": "deonaea 192.241.x.x",
"name": "26b19058978e0dfee4d81f3e37bba036",
"hash": "42639212b0728c72583b726d6c67926783ef9e8034353b2bb32bad8f4f7e9cf9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.fmW@auSNRri",
"virustotal": "https://www.virustotal.com/file/42639212b0728c72583b726d6c67926783ef9e8034353b2bb32bad8f4f7e9cf9/analysis/1499659750/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/26b19058978e0dfee4d81f3e37bba036"
},
{
"date": "07/10/2017 14:25:01",
"source": "cowrie 159.203.x.x",
"name": "23f57d25ddeed67645a34827275b1d7187a4256f1e65f59f6788456877d7629f",
"hash": "23f57d25ddeed67645a34827275b1d7187a4256f1e65f59f6788456877d7629f",
"type": "Bourne-Again shell script, UTF-8 Unicode text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/23f57d25ddeed67645a34827275b1d7187a4256f1e65f59f6788456877d7629f/analysis/1499697007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/23f57d25ddeed67645a34827275b1d7187a4256f1e65f59f6788456877d7629f"
},
{
"date": "07/09/2017 22:05:01",
"source": "deonaea 192.241.x.x",
"name": "2ae81302ee475219b0bcf0f177bfae7e",
"hash": "fd11c90894e9f9461ddb3071c62cbcd471b74a521f8bc3043618d95b17bec004",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zegost.10",
"virustotal": "https://www.virustotal.com/file/fd11c90894e9f9461ddb3071c62cbcd471b74a521f8bc3043618d95b17bec004/analysis/1499402282/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2ae81302ee475219b0bcf0f177bfae7e"
},
{
"date": "07/09/2017 19:20:01",
"source": "cowrie 159.203.x.x",
"name": "09bf99c1e837c5d2919be7f310efb4699c3ee328f89f26b870004c2b147eb766",
"hash": "09bf99c1e837c5d2919be7f310efb4699c3ee328f89f26b870004c2b147eb766",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.86297548",
"virustotal": "https://www.virustotal.com/file/09bf99c1e837c5d2919be7f310efb4699c3ee328f89f26b870004c2b147eb766/analysis/1499380284/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/09bf99c1e837c5d2919be7f310efb4699c3ee328f89f26b870004c2b147eb766"
},
{
"date": "07/09/2017 18:30:01",
"source": "deonaea 192.241.x.x",
"name": "3d88a57d3277ca5ec548a8fa7b2bd1cb",
"hash": "0939198ff23f9e2fe0203b64ed0cefb6bfb340bb9d82a892c40e37930377ff2f",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.215725",
"virustotal": "https://www.virustotal.com/file/0939198ff23f9e2fe0203b64ed0cefb6bfb340bb9d82a892c40e37930377ff2f/analysis/1499380762/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3d88a57d3277ca5ec548a8fa7b2bd1cb"
},
{
"date": "07/09/2017 17:20:01",
"source": "cowrie 159.203.x.x",
"name": "0236023a4b1680c1c818e16623675666e314d347122b899e2dc90955b7d711f3",
"hash": "0236023a4b1680c1c818e16623675666e314d347122b899e2dc90955b7d711f3",
"type": "Python script, ASCII text executable, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/0236023a4b1680c1c818e16623675666e314d347122b899e2dc90955b7d711f3/analysis/1499621406/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0236023a4b1680c1c818e16623675666e314d347122b899e2dc90955b7d711f3"
},
{
"date": "07/09/2017 16:10:01",
"source": "deonaea 159.203.x.x",
"name": "ce759a2dbafd3ffb200c75cbf840a50f",
"hash": "f7fffec21084ac174f552ecdb70783d483df8e1493defab8945698ed85d31580",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.xC0@aWlcP3ab",
"virustotal": "https://www.virustotal.com/file/f7fffec21084ac174f552ecdb70783d483df8e1493defab8945698ed85d31580/analysis/1499361845/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ce759a2dbafd3ffb200c75cbf840a50f"
},
{
"date": "07/09/2017 13:15:01",
"source": "cowrie 159.203.x.x",
"name": "13ed835c8779b02f603873cf1997f27ba1f10fff6c85261997c6010d2c895c9b",
"hash": "13ed835c8779b02f603873cf1997f27ba1f10fff6c85261997c6010d2c895c9b",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.B4EEBD3B",
"virustotal": "https://www.virustotal.com/file/13ed835c8779b02f603873cf1997f27ba1f10fff6c85261997c6010d2c895c9b/analysis/1499607007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/13ed835c8779b02f603873cf1997f27ba1f10fff6c85261997c6010d2c895c9b"
},
{
"date": "07/09/2017 13:00:01",
"source": "cowrie 159.203.x.x",
"name": "839ffe1d39154308766b4d2a88e0cc102791f51665a9f2027b1392871d9276ab",
"hash": "839ffe1d39154308766b4d2a88e0cc102791f51665a9f2027b1392871d9276ab",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.00170B02",
"virustotal": "https://www.virustotal.com/file/839ffe1d39154308766b4d2a88e0cc102791f51665a9f2027b1392871d9276ab/analysis/1499605206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/839ffe1d39154308766b4d2a88e0cc102791f51665a9f2027b1392871d9276ab"
},
{
"date": "07/09/2017 11:35:01",
"source": "deonaea 192.241.x.x",
"name": "dff091e8d49824eb69e45d5abd0639d3",
"hash": "0bb8e496f29d0eedaa7c4518a5f08de6866a177ba13b09fca092390d4f970cda",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Trojan.Ranapama.JH",
"virustotal": "https://www.virustotal.com/file/0bb8e496f29d0eedaa7c4518a5f08de6866a177ba13b09fca092390d4f970cda/analysis/1499521608/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dff091e8d49824eb69e45d5abd0639d3"
},
{
"date": "07/09/2017 08:20:01",
"source": "deonaea 192.241.x.x",
"name": "def03c7e2ff7606986d35e6c35deb944",
"hash": "2caf4cc89f5993db28a42ccfd5960e6b8e0c8c396347271fab0fbb95b902d3d5",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/2caf4cc89f5993db28a42ccfd5960e6b8e0c8c396347271fab0fbb95b902d3d5/analysis/1499583903/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/def03c7e2ff7606986d35e6c35deb944"
},
{
"date": "07/09/2017 05:00:01",
"source": "cowrie 159.203.x.x",
"name": "f3935d484abb24cc55181e523c70a30381ab370d7887049d44181827482df7c4",
"hash": "f3935d484abb24cc55181e523c70a30381ab370d7887049d44181827482df7c4",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.2936751A",
"virustotal": "https://www.virustotal.com/file/f3935d484abb24cc55181e523c70a30381ab370d7887049d44181827482df7c4/analysis/1499576452/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f3935d484abb24cc55181e523c70a30381ab370d7887049d44181827482df7c4"
},
{
"date": "07/09/2017 05:00:01",
"source": "cowrie 159.203.x.x",
"name": "1dd285771d8ab66d9f5c8e7ff143b2805278390958fa5b8049e47a970172074c",
"hash": "1dd285771d8ab66d9f5c8e7ff143b2805278390958fa5b8049e47a970172074c",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.DBB7E20A",
"virustotal": "https://www.virustotal.com/file/1dd285771d8ab66d9f5c8e7ff143b2805278390958fa5b8049e47a970172074c/analysis/1499576408/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1dd285771d8ab66d9f5c8e7ff143b2805278390958fa5b8049e47a970172074c"
},
{
"date": "07/09/2017 04:30:01",
"source": "cowrie 159.203.x.x",
"name": "a36191ebfb19b4f697280ed8dc299954158cd13c132f4647084c9309480dae31",
"hash": "a36191ebfb19b4f697280ed8dc299954158cd13c132f4647084c9309480dae31",
"type": "a /usr/bin/perl script executable (binary data)",
"classification": "Backdoor.Perl.Shellbot.F",
"virustotal": "https://www.virustotal.com/file/a36191ebfb19b4f697280ed8dc299954158cd13c132f4647084c9309480dae31/analysis/1498614777/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a36191ebfb19b4f697280ed8dc299954158cd13c132f4647084c9309480dae31"
},
{
"date": "07/08/2017 23:20:01",
"source": "deonaea 192.241.x.x",
"name": "e73d76f2f1a7f0ef6b948bd064d8df1f",
"hash": "e906cf6d0f1dca95a6945a21865161c113186e3bcc37701726fa280a8c9484d9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65839",
"virustotal": "https://www.virustotal.com/file/e906cf6d0f1dca95a6945a21865161c113186e3bcc37701726fa280a8c9484d9/analysis/1499541748/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e73d76f2f1a7f0ef6b948bd064d8df1f"
},
{
"date": "07/08/2017 18:05:01",
"source": "deonaea 192.241.x.x",
"name": "61cc30244754023eb3a0d55a229e4ba3",
"hash": "297e09158058d61fa47c753e1a8ce20df3c2284b996c6dbcec915e7bae71f1dc",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/297e09158058d61fa47c753e1a8ce20df3c2284b996c6dbcec915e7bae71f1dc/analysis/1499509061/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/61cc30244754023eb3a0d55a229e4ba3"
},
{
"date": "07/08/2017 17:35:01",
"source": "deonaea 192.241.x.x",
"name": "http-RXB3ht",
"hash": "521fef6975eda779c96f50e4154edd9fb343313e6322cac6947c357825fe7458",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.164266",
"virustotal": "https://www.virustotal.com/file/521fef6975eda779c96f50e4154edd9fb343313e6322cac6947c357825fe7458/analysis/1499536849/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-RXB3ht"
},
{
"date": "07/08/2017 17:35:01",
"source": "deonaea 192.241.x.x",
"name": "http-4hwvVI",
"hash": "f2019e55c654d9fd587b0b3050e7ca09fac99b2647657d091dba5007faccea67",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.164266",
"virustotal": "https://www.virustotal.com/file/f2019e55c654d9fd587b0b3050e7ca09fac99b2647657d091dba5007faccea67/analysis/1499536807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-4hwvVI"
},
{
"date": "07/08/2017 09:10:01",
"source": "deonaea 159.203.x.x",
"name": "d6933e14604af38dc6d00d0fce723ae1",
"hash": "131783fe63a4454d9543dbbfc0e42e8fd9b5555ad58f86d5224ababe11f04c53",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Generic.Mulinex.C50F1994",
"virustotal": "https://www.virustotal.com/file/131783fe63a4454d9543dbbfc0e42e8fd9b5555ad58f86d5224ababe11f04c53/analysis/1499506206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d6933e14604af38dc6d00d0fce723ae1"
},
{
"date": "07/08/2017 06:20:01",
"source": "deonaea 192.241.x.x",
"name": "7042a6023da45057efd42cc8eb911250",
"hash": "55f6446a3f07f8b9013a9974770701344514b77239324d11b96ae78efe2b2285",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.216802",
"virustotal": "https://www.virustotal.com/file/55f6446a3f07f8b9013a9974770701344514b77239324d11b96ae78efe2b2285/analysis/1499495445/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7042a6023da45057efd42cc8eb911250"
},
{
"date": "07/08/2017 04:35:01",
"source": "deonaea 159.203.x.x",
"name": "f6aa2279de681631d951bd2caec01d3e",
"hash": "ba20237ddef6de99dd105523b14e5e439c2fa5410aeaad072171ea0d507e8050",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65839",
"virustotal": "https://www.virustotal.com/file/ba20237ddef6de99dd105523b14e5e439c2fa5410aeaad072171ea0d507e8050/analysis/1499274726/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f6aa2279de681631d951bd2caec01d3e"
},
{
"date": "07/08/2017 04:35:01",
"source": "deonaea 159.203.x.x",
"name": "6cb1f49e00da550293803456ff61eabc",
"hash": "f6e88c9553eae4aea019cf6b96955a2d3a428c97eccb661048130b24a5d82e96",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "W32/Agent.EW.gen!Eldorado",
"virustotal": "https://www.virustotal.com/file/f6e88c9553eae4aea019cf6b96955a2d3a428c97eccb661048130b24a5d82e96/analysis/1499478800/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6cb1f49e00da550293803456ff61eabc"
},
{
"date": "07/08/2017 04:35:01",
"source": "deonaea 159.203.x.x",
"name": "368dbaa22a7006b92d0165706fc78b47",
"hash": "f685ce44137ae97fb87e6975f98b2823a62e14074059513afef5261cd643c1ee",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.Qy0@uiiCfPfi",
"virustotal": "https://www.virustotal.com/file/f685ce44137ae97fb87e6975f98b2823a62e14074059513afef5261cd643c1ee/analysis/1499442946/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/368dbaa22a7006b92d0165706fc78b47"
},
{
"date": "07/07/2017 18:40:01",
"source": "deonaea 159.203.x.x",
"name": "98098e71b213d3471e49343b0f01a59c",
"hash": "8bb2875cb907d49adfdd111a508f63a5cfd97e13129a6c3cc8845993abf392f9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.18CB13E1",
"virustotal": "https://www.virustotal.com/file/8bb2875cb907d49adfdd111a508f63a5cfd97e13129a6c3cc8845993abf392f9/analysis/1499434545/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/98098e71b213d3471e49343b0f01a59c"
},
{
"date": "07/07/2017 15:50:01",
"source": "deonaea 192.241.x.x",
"name": "b13bcb41c942fc2923aaea287f9ac8dd",
"hash": "aeaa5c38e6daa0753533e37be6857b3140b9a57458dff4f4e4e4b103a304c14c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.fmW@aa!s1df",
"virustotal": "https://www.virustotal.com/file/aeaa5c38e6daa0753533e37be6857b3140b9a57458dff4f4e4e4b103a304c14c/analysis/1499404181/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b13bcb41c942fc2923aaea287f9ac8dd"
},
{
"date": "07/07/2017 14:35:01",
"source": "deonaea 192.241.x.x",
"name": "260e3c90813fb8cbcadbd1d2631e1687",
"hash": "8fdbc79b42e0d6b4da65a910848420eff05dcaa38460f0c2d4499d1f3df38d56",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/8fdbc79b42e0d6b4da65a910848420eff05dcaa38460f0c2d4499d1f3df38d56/analysis/1499439607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/260e3c90813fb8cbcadbd1d2631e1687"
},
{
"date": "07/07/2017 13:10:01",
"source": "cowrie 159.203.x.x",
"name": "32d21636943309e975f29365e917c4d626abc4d95f64feda2915c6a4ad0ded2e",
"hash": "32d21636943309e975f29365e917c4d626abc4d95f64feda2915c6a4ad0ded2e",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.A7C47D91",
"virustotal": "https://www.virustotal.com/file/32d21636943309e975f29365e917c4d626abc4d95f64feda2915c6a4ad0ded2e/analysis/1499434250/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/32d21636943309e975f29365e917c4d626abc4d95f64feda2915c6a4ad0ded2e"
},
{
"date": "07/07/2017 13:05:01",
"source": "cowrie 159.203.x.x",
"name": "6af204a19f98202ad91a60536b000cba924a1b768d77dedd4f88600e70f6d43c",
"hash": "6af204a19f98202ad91a60536b000cba924a1b768d77dedd4f88600e70f6d43c",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.75B14850",
"virustotal": "https://www.virustotal.com/file/6af204a19f98202ad91a60536b000cba924a1b768d77dedd4f88600e70f6d43c/analysis/1499434206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6af204a19f98202ad91a60536b000cba924a1b768d77dedd4f88600e70f6d43c"
},
{
"date": "07/07/2017 08:10:01",
"source": "cowrie 159.203.x.x",
"name": "02cd63a2e9d2cd538ca5230380ad3668b967955f193ec1090b275baa55315680",
"hash": "02cd63a2e9d2cd538ca5230380ad3668b967955f193ec1090b275baa55315680",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/02cd63a2e9d2cd538ca5230380ad3668b967955f193ec1090b275baa55315680/analysis/1496398224/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/02cd63a2e9d2cd538ca5230380ad3668b967955f193ec1090b275baa55315680"
},
{
"date": "07/07/2017 05:25:01",
"source": "deonaea 192.241.x.x",
"name": "5a957607b4991206fad0d48ab40b676a",
"hash": "f778c65675c2d18f24f99521e93073cb9e485ac723e18e111dfc559a37880b25",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.154198",
"virustotal": "https://www.virustotal.com/file/f778c65675c2d18f24f99521e93073cb9e485ac723e18e111dfc559a37880b25/analysis/1499366114/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5a957607b4991206fad0d48ab40b676a"
},
{
"date": "07/07/2017 05:20:01",
"source": "deonaea 192.241.x.x",
"name": "http-ZkweIw",
"hash": "d9ce5b90fd6787ce746f71d156687f786fc9160e9ac21ce78487f1be4c900ebb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.154198",
"virustotal": "https://www.virustotal.com/file/d9ce5b90fd6787ce746f71d156687f786fc9160e9ac21ce78487f1be4c900ebb/analysis/1499405406/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-ZkweIw"
},
{
"date": "07/06/2017 22:15:01",
"source": "deonaea 192.241.x.x",
"name": "ee3f05042167f588979576698c9211f7",
"hash": "ee82d7a86b34c6bf30ff4f400839052cf913050b06a919be66aeec24ed248143",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Dropped:Generic.Malware.PPkg.7C5743D6",
"virustotal": "https://www.virustotal.com/file/ee82d7a86b34c6bf30ff4f400839052cf913050b06a919be66aeec24ed248143/analysis/1499344401/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ee3f05042167f588979576698c9211f7"
},
{
"date": "07/06/2017 18:30:01",
"source": "deonaea 192.241.x.x",
"name": "b7940852a3b011431b4bcbd0fb234259",
"hash": "ce8efc7fea93c1884a0d8b70dafc69cfa8474acb11df0b992a21a7b8edc9527c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.154198",
"virustotal": "https://www.virustotal.com/file/ce8efc7fea93c1884a0d8b70dafc69cfa8474acb11df0b992a21a7b8edc9527c/analysis/1499366214/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b7940852a3b011431b4bcbd0fb234259"
},
{
"date": "07/06/2017 10:00:01",
"source": "deonaea 159.203.x.x",
"name": "0f150f878a3f7f5e518ede83960e490f",
"hash": "79cbb65b6c6408cb1767bb1cb5003eb1eee76effb7da88ddaa589b58f0dc5ae2",
"type": "PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows",
"classification": "Unwanted-Program ( 004b8f7a1 )",
"virustotal": "https://www.virustotal.com/file/79cbb65b6c6408cb1767bb1cb5003eb1eee76effb7da88ddaa589b58f0dc5ae2/analysis/1497916583/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0f150f878a3f7f5e518ede83960e490f"
},
{
"date": "07/06/2017 08:30:01",
"source": "deonaea 192.241.x.x",
"name": "584488fe46d8691983982aa42ed6ae44",
"hash": "aba38643f2ad554218be20f599d8053d45e0778b3192fe2f92b3161a44cb8edb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Win32.NetworkWorm.fq0@ayq73ukb",
"virustotal": "https://www.virustotal.com/file/aba38643f2ad554218be20f599d8053d45e0778b3192fe2f92b3161a44cb8edb/analysis/1499327440/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/584488fe46d8691983982aa42ed6ae44"
},
{
"date": "07/06/2017 08:20:01",
"source": "deonaea 192.241.x.x",
"name": "93d6351c6a31aeec9b6b869ba8e9f9a1",
"hash": "d110ddc88899292adfb903451a7d8e94c340f6a45b9e3957a67f815fcbea94b8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/d110ddc88899292adfb903451a7d8e94c340f6a45b9e3957a67f815fcbea94b8/analysis/1499323840/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/93d6351c6a31aeec9b6b869ba8e9f9a1"
},
{
"date": "07/06/2017 08:15:01",
"source": "deonaea 159.203.x.x",
"name": "smb-si1lwp2t.tmp",
"hash": "7b2f8c43b4c92fb2add9fce264e92668dac2530493c51c5d6b45dcb764e208ed",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Win32.SMTP-Mailer.dqW@aqb@WXmG",
"virustotal": "https://www.virustotal.com/file/7b2f8c43b4c92fb2add9fce264e92668dac2530493c51c5d6b45dcb764e208ed/analysis/1499314057/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-si1lwp2t.tmp"
},
{
"date": "07/05/2017 14:20:01",
"source": "cowrie 159.203.x.x",
"name": "dc5e4fbcab1ca411173b26864a0e9b88a892777a150bd7e98d9c5807dc69d912",
"hash": "dc5e4fbcab1ca411173b26864a0e9b88a892777a150bd7e98d9c5807dc69d912",
"type": "ASCII text",
"classification": "Trojan.Downloader.BashAgent.AFM",
"virustotal": "https://www.virustotal.com/file/dc5e4fbcab1ca411173b26864a0e9b88a892777a150bd7e98d9c5807dc69d912/analysis/1499256394/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dc5e4fbcab1ca411173b26864a0e9b88a892777a150bd7e98d9c5807dc69d912"
},
{
"date": "07/05/2017 10:55:01",
"source": "cowrie 159.203.x.x",
"name": "89f16bfb2e8afe05fa8d2b1720188d669f4622a060ec8b36bde35db19b9d6ad3",
"hash": "89f16bfb2e8afe05fa8d2b1720188d669f4622a060ec8b36bde35db19b9d6ad3",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.AD24B24C",
"virustotal": "https://www.virustotal.com/file/89f16bfb2e8afe05fa8d2b1720188d669f4622a060ec8b36bde35db19b9d6ad3/analysis/1499252448/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/89f16bfb2e8afe05fa8d2b1720188d669f4622a060ec8b36bde35db19b9d6ad3"
},
{
"date": "07/05/2017 10:55:01",
"source": "cowrie 159.203.x.x",
"name": "04d882e5879004b22779f4b18583e322e06ae4e3fcfb961fae13cc77b4d2dd18",
"hash": "04d882e5879004b22779f4b18583e322e06ae4e3fcfb961fae13cc77b4d2dd18",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.4AD63F64",
"virustotal": "https://www.virustotal.com/file/04d882e5879004b22779f4b18583e322e06ae4e3fcfb961fae13cc77b4d2dd18/analysis/1499252407/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/04d882e5879004b22779f4b18583e322e06ae4e3fcfb961fae13cc77b4d2dd18"
},
{
"date": "07/05/2017 08:10:01",
"source": "deonaea 192.241.x.x",
"name": "3c43e0013ced3e2745d40792049718ff",
"hash": "b3fff043c6cdd8de30b00958f8e2f9071c3b705a6de6becec200efa3d09485bd",
"type": "ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b3fff043c6cdd8de30b00958f8e2f9071c3b705a6de6becec200efa3d09485bd/analysis/1499234688/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3c43e0013ced3e2745d40792049718ff"
},
{
"date": "07/05/2017 07:00:01",
"source": "deonaea 192.241.x.x",
"name": "0691174ba66d9c7371de94a981c06066",
"hash": "194b4c9051a87f81bd9aabdf7b5379217fe21986bfd00da3ff3898bbb2e53a73",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.212189",
"virustotal": "https://www.virustotal.com/file/194b4c9051a87f81bd9aabdf7b5379217fe21986bfd00da3ff3898bbb2e53a73/analysis/1498787804/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0691174ba66d9c7371de94a981c06066"
},
{
"date": "07/04/2017 15:30:01",
"source": "cowrie 159.203.x.x",
"name": "02c380ab845e75915b613e21597c4ceb5b4aad04bfaa7e3d0bc46f8ffb3b98a8",
"hash": "02c380ab845e75915b613e21597c4ceb5b4aad04bfaa7e3d0bc46f8ffb3b98a8",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.81FD3F35",
"virustotal": "https://www.virustotal.com/file/02c380ab845e75915b613e21597c4ceb5b4aad04bfaa7e3d0bc46f8ffb3b98a8/analysis/1498941975/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/02c380ab845e75915b613e21597c4ceb5b4aad04bfaa7e3d0bc46f8ffb3b98a8"
},
{
"date": "07/04/2017 09:20:01",
"source": "deonaea 159.203.x.x",
"name": "6d287a93927a62aca228bdb69aceba97",
"hash": "3229ab497a7684744ac5f32d4ed145337ac418d0d56ced84b0c01862746f9825",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.146404",
"virustotal": "https://www.virustotal.com/file/3229ab497a7684744ac5f32d4ed145337ac418d0d56ced84b0c01862746f9825/analysis/1499160607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6d287a93927a62aca228bdb69aceba97"
},
{
"date": "07/04/2017 06:25:01",
"source": "deonaea 192.241.x.x",
"name": "802385019eac7a847e8c90ffc95d9ac6",
"hash": "0a621f50d7db2918fc4a5b7915ff00c7712b82aeb76096589c19d85f67673fb8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Trojan.Agent.BYGG",
"virustotal": "https://www.virustotal.com/file/0a621f50d7db2918fc4a5b7915ff00c7712b82aeb76096589c19d85f67673fb8/analysis/1498907551/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/802385019eac7a847e8c90ffc95d9ac6"
},
{
"date": "07/04/2017 02:50:01",
"source": "deonaea 159.203.x.x",
"name": "ec06311112c46ebf30d3f84e7393b357",
"hash": "21b9470a4df4ddd64a326905fba09c260aa1971aa542715db6c3a7b1f609b2fd",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/21b9470a4df4ddd64a326905fba09c260aa1971aa542715db6c3a7b1f609b2fd/analysis/1499137067/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ec06311112c46ebf30d3f84e7393b357"
},
{
"date": "07/04/2017 01:00:01",
"source": "cowrie 159.203.x.x",
"name": "734b9d9c351de21090ef3f0f63cc79597726b880572a1e8b785fe2a494eac9f4",
"hash": "734b9d9c351de21090ef3f0f63cc79597726b880572a1e8b785fe2a494eac9f4",
"type": "POSIX shell script, ASCII text executable, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/734b9d9c351de21090ef3f0f63cc79597726b880572a1e8b785fe2a494eac9f4/analysis/1499030338/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/734b9d9c351de21090ef3f0f63cc79597726b880572a1e8b785fe2a494eac9f4"
},
{
"date": "07/03/2017 16:25:01",
"source": "deonaea 192.241.x.x",
"name": "caf92d1b1cbb018c012c5a01887eca13",
"hash": "4c1a3e215611d8e506577934b2a9ee6530c1f6865ea89d7910b915f58b4ff315",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.78C188D2",
"virustotal": "https://www.virustotal.com/file/4c1a3e215611d8e506577934b2a9ee6530c1f6865ea89d7910b915f58b4ff315/analysis/1499099407/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/caf92d1b1cbb018c012c5a01887eca13"
},
{
"date": "07/03/2017 04:40:01",
"source": "cowrie 159.203.x.x",
"name": "888f27da8ed16117a38ce36eb1b3a09a5deb96f2b6353182309b7eccf8c94719",
"hash": "888f27da8ed16117a38ce36eb1b3a09a5deb96f2b6353182309b7eccf8c94719",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.387302AF",
"virustotal": "https://www.virustotal.com/file/888f27da8ed16117a38ce36eb1b3a09a5deb96f2b6353182309b7eccf8c94719/analysis/1498878617/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/888f27da8ed16117a38ce36eb1b3a09a5deb96f2b6353182309b7eccf8c94719"
},
{
"date": "07/02/2017 10:10:01",
"source": "deonaea 159.203.x.x",
"name": "2d7657066b043ca0cf079417cb92dfc2",
"hash": "1c6c7064b4cd38d0e3b5dc7e03ea5fca8db58281abbbc2c36bb50ffe0b89a1d6",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/1c6c7064b4cd38d0e3b5dc7e03ea5fca8db58281abbbc2c36bb50ffe0b89a1d6/analysis/1498922864/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2d7657066b043ca0cf079417cb92dfc2"
},
{
"date": "07/02/2017 09:25:01",
"source": "cowrie 159.203.x.x",
"name": "6dec440788b6fd492dafc084336b9e77170d303f85fac4c05b29fc97ffce0d0b",
"hash": "6dec440788b6fd492dafc084336b9e77170d303f85fac4c05b29fc97ffce0d0b",
"type": "Python script, ASCII text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/6dec440788b6fd492dafc084336b9e77170d303f85fac4c05b29fc97ffce0d0b/analysis/1477677009/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6dec440788b6fd492dafc084336b9e77170d303f85fac4c05b29fc97ffce0d0b"
},
{
"date": "07/02/2017 07:00:01",
"source": "cowrie 159.203.x.x",
"name": "d8be01822c24361acba829a237db9aa21aac41c48d56fe354e5c934feb3e7b21",
"hash": "d8be01822c24361acba829a237db9aa21aac41c48d56fe354e5c934feb3e7b21",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.F242BAA1",
"virustotal": "https://www.virustotal.com/file/d8be01822c24361acba829a237db9aa21aac41c48d56fe354e5c934feb3e7b21/analysis/1498790385/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d8be01822c24361acba829a237db9aa21aac41c48d56fe354e5c934feb3e7b21"
},
{
"date": "07/02/2017 07:00:01",
"source": "cowrie 159.203.x.x",
"name": "a4a3f605da7eda1aaa574992473b513bed439454185de7dd2f511e0f360c1d46",
"hash": "a4a3f605da7eda1aaa574992473b513bed439454185de7dd2f511e0f360c1d46",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.F4186189",
"virustotal": "https://www.virustotal.com/file/a4a3f605da7eda1aaa574992473b513bed439454185de7dd2f511e0f360c1d46/analysis/1498954967/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a4a3f605da7eda1aaa574992473b513bed439454185de7dd2f511e0f360c1d46"
},
{
"date": "07/02/2017 01:30:01",
"source": "deonaea 192.241.x.x",
"name": "7e067bca9ec00d81dad93181bbc5e607",
"hash": "4a64e8690a458de418fc7866e2e1a216090ba2232926a36ec3cbbd0d634a1ce6",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.50033",
"virustotal": "https://www.virustotal.com/file/4a64e8690a458de418fc7866e2e1a216090ba2232926a36ec3cbbd0d634a1ce6/analysis/1498934413/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7e067bca9ec00d81dad93181bbc5e607"
},
{
"date": "07/02/2017 01:30:01",
"source": "deonaea 192.241.x.x",
"name": "53309bd4c8bb25277f788383ee5c8b46",
"hash": "d28439d5e86a6a89aa67e2783d0dc80f797c281e766dfa2c69b2ab477eaa1d4b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.50033",
"virustotal": "https://www.virustotal.com/file/d28439d5e86a6a89aa67e2783d0dc80f797c281e766dfa2c69b2ab477eaa1d4b/analysis/1498788569/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/53309bd4c8bb25277f788383ee5c8b46"
},
{
"date": "07/01/2017 18:45:01",
"source": "cowrie 159.203.x.x",
"name": "2088ded3577962047af69447382479a2f58e08722e5f4ce965ce1dbfeca11a09",
"hash": "2088ded3577962047af69447382479a2f58e08722e5f4ce965ce1dbfeca11a09",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.61919002",
"virustotal": "https://www.virustotal.com/file/2088ded3577962047af69447382479a2f58e08722e5f4ce965ce1dbfeca11a09/analysis/1498935649/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2088ded3577962047af69447382479a2f58e08722e5f4ce965ce1dbfeca11a09"
},
{
"date": "07/01/2017 18:45:01",
"source": "cowrie 159.203.x.x",
"name": "1ed5d5f3567dfe2c9df5c07bf2998caf71466c579ca181d4968040cd95abe2a9",
"hash": "1ed5d5f3567dfe2c9df5c07bf2998caf71466c579ca181d4968040cd95abe2a9",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.EC5CD337",
"virustotal": "https://www.virustotal.com/file/1ed5d5f3567dfe2c9df5c07bf2998caf71466c579ca181d4968040cd95abe2a9/analysis/1498935607/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1ed5d5f3567dfe2c9df5c07bf2998caf71466c579ca181d4968040cd95abe2a9"
},
{
"date": "07/01/2017 10:15:01",
"source": "deonaea 192.241.x.x",
"name": "69e99e0bf5f0d0b43c98d0452cfd0fd9",
"hash": "ee86ef3912b1278964d0d816fa7382c330961e39c1b31d914d9e8ec26102a67d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Trojan.Heur.GM.0000026500",
"virustotal": "https://www.virustotal.com/file/ee86ef3912b1278964d0d816fa7382c330961e39c1b31d914d9e8ec26102a67d/analysis/1498779905/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/69e99e0bf5f0d0b43c98d0452cfd0fd9"
},
{
"date": "07/01/2017 09:45:01",
"source": "cowrie 159.203.x.x",
"name": "38ae210d225123f6d2fb5e4d893b07581a311bbc50d11f47c4ad98bf18f9465f",
"hash": "38ae210d225123f6d2fb5e4d893b07581a311bbc50d11f47c4ad98bf18f9465f",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.C70EC508",
"virustotal": "https://www.virustotal.com/file/38ae210d225123f6d2fb5e4d893b07581a311bbc50d11f47c4ad98bf18f9465f/analysis/1498333620/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/38ae210d225123f6d2fb5e4d893b07581a311bbc50d11f47c4ad98bf18f9465f"
},
{
"date": "07/01/2017 02:15:01",
"source": "deonaea 159.203.x.x",
"name": "smb-f5qhhwaj.tmp",
"hash": "a29d02251f54567edb1d32f7c17ce4c04d5c54e317eb3b2bea2a068da728e59a",
"type": "MS-DOS executable, MZ for MS-DOS",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/a29d02251f54567edb1d32f7c17ce4c04d5c54e317eb3b2bea2a068da728e59a/analysis/1498795444/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-f5qhhwaj.tmp"
},
{
"date": "06/30/2017 20:30:01",
"source": "cowrie 159.203.x.x",
"name": "14199e1fac7c841a827567e5f2027ca2cd00799b7b95f7ad6181121ae60249cd",
"hash": "14199e1fac7c841a827567e5f2027ca2cd00799b7b95f7ad6181121ae60249cd",
"type": "ASCII text",
"classification": "Trojan.Downloader.BashAgent.AFM",
"virustotal": "https://www.virustotal.com/file/14199e1fac7c841a827567e5f2027ca2cd00799b7b95f7ad6181121ae60249cd/analysis/1498840668/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/14199e1fac7c841a827567e5f2027ca2cd00799b7b95f7ad6181121ae60249cd"
},
{
"date": "06/30/2017 18:35:01",
"source": "deonaea 159.203.x.x",
"name": "smb-03xfbulf.tmp",
"hash": "a29d02251f54567edb1d32f7c17ce4c04d5c54e317eb3b2bea2a068da728e59a",
"type": "MS-DOS executable, MZ for MS-DOS",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/a29d02251f54567edb1d32f7c17ce4c04d5c54e317eb3b2bea2a068da728e59a/analysis/1498795444/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-03xfbulf.tmp"
},
{
"date": "06/30/2017 17:30:01",
"source": "cowrie 159.203.x.x",
"name": "2a35119dfd5b10083df9a1aa0bf32d4324aca2dc6cc4d6296de284fcb12d1987",
"hash": "2a35119dfd5b10083df9a1aa0bf32d4324aca2dc6cc4d6296de284fcb12d1987",
"type": "a /usr/bin/perl script executable (binary data)",
"classification": "Backdoor.Perl.Shellbot.B",
"virustotal": "https://www.virustotal.com/file/2a35119dfd5b10083df9a1aa0bf32d4324aca2dc6cc4d6296de284fcb12d1987/analysis/1498802408/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2a35119dfd5b10083df9a1aa0bf32d4324aca2dc6cc4d6296de284fcb12d1987"
},
{
"date": "06/30/2017 14:15:01",
"source": "deonaea 192.241.x.x",
"name": "4b39bf02360e215fbb5a9e79a8866bb7",
"hash": "d58735abeac9e06b75afd4e4e3580da05db6ee4236bf8088fa8de1f6fb7c42da",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "DeepScan:Generic.ServStart.A.17B08740",
"virustotal": "https://www.virustotal.com/file/d58735abeac9e06b75afd4e4e3580da05db6ee4236bf8088fa8de1f6fb7c42da/analysis/1498799150/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4b39bf02360e215fbb5a9e79a8866bb7"
},
{
"date": "06/30/2017 07:40:01",
"source": "deonaea 159.203.x.x",
"name": "a80307f6087253365841b274b705d76e",
"hash": "7e3026d86d848b72cfe9c4737e31329494ce5d2a11e78551d90c2f425829d96d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Strictor.137718",
"virustotal": "https://www.virustotal.com/file/7e3026d86d848b72cfe9c4737e31329494ce5d2a11e78551d90c2f425829d96d/analysis/1498808764/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a80307f6087253365841b274b705d76e"
},
{
"date": "06/30/2017 07:40:01",
"source": "deonaea 159.203.x.x",
"name": "815c30fcdce963efe8efeff6ef7480ed",
"hash": "b57b0d04c06d5610feb0e45ff41c6003d8a626832aaca3b5bf3aa182a41b062f",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.4348",
"virustotal": "https://www.virustotal.com/file/b57b0d04c06d5610feb0e45ff41c6003d8a626832aaca3b5bf3aa182a41b062f/analysis/1498808805/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/815c30fcdce963efe8efeff6ef7480ed"
},
{
"date": "06/30/2017 00:40:01",
"source": "deonaea 192.241.x.x",
"name": "a4cd6c68ae875a46b5bc4cb1513e0fa5",
"hash": "1e9af9e0903b6ebe79865c3f89697224a62061c3175b5eb4d0130de831b3e43c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.fmW@a0uz9Qb",
"virustotal": "https://www.virustotal.com/file/1e9af9e0903b6ebe79865c3f89697224a62061c3175b5eb4d0130de831b3e43c/analysis/1498720203/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a4cd6c68ae875a46b5bc4cb1513e0fa5"
},
{
"date": "06/29/2017 17:05:01",
"source": "cowrie 159.203.x.x",
"name": "916e009dc5c6f41d3335bd15a58b4d9d06f384f779d208063fd395ecbdf91da9",
"hash": "916e009dc5c6f41d3335bd15a58b4d9d06f384f779d208063fd395ecbdf91da9",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.A2824B7B",
"virustotal": "https://www.virustotal.com/file/916e009dc5c6f41d3335bd15a58b4d9d06f384f779d208063fd395ecbdf91da9/analysis/1498214293/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/916e009dc5c6f41d3335bd15a58b4d9d06f384f779d208063fd395ecbdf91da9"
},
{
"date": "06/29/2017 13:50:01",
"source": "cowrie 159.203.x.x",
"name": "f5e5a46d1f7fb975b8012630351956638ff3c5491c953b7b05a62d44690f36a0",
"hash": "f5e5a46d1f7fb975b8012630351956638ff3c5491c953b7b05a62d44690f36a0",
"type": "ASCII text",
"classification": "BV:Downloader-II [Trj]",
"virustotal": "https://www.virustotal.com/file/f5e5a46d1f7fb975b8012630351956638ff3c5491c953b7b05a62d44690f36a0/analysis/1498744851/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f5e5a46d1f7fb975b8012630351956638ff3c5491c953b7b05a62d44690f36a0"
},
{
"date": "06/29/2017 13:50:01",
"source": "cowrie 159.203.x.x",
"name": "af4e6073a71c7e2b7b3645839ccb4a1e0548671265b3d5d899e9a70fa3d5b1f6",
"hash": "af4e6073a71c7e2b7b3645839ccb4a1e0548671265b3d5d899e9a70fa3d5b1f6",
"type": "ASCII text",
"classification": "BV:Downloader-JV [Drp]",
"virustotal": "https://www.virustotal.com/file/af4e6073a71c7e2b7b3645839ccb4a1e0548671265b3d5d899e9a70fa3d5b1f6/analysis/1498744893/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/af4e6073a71c7e2b7b3645839ccb4a1e0548671265b3d5d899e9a70fa3d5b1f6"
},
{
"date": "06/29/2017 13:50:01",
"source": "cowrie 159.203.x.x",
"name": "540cf3c35861024a5f7e5d0da8751c7b74251176c04a94414387eea784063335",
"hash": "540cf3c35861024a5f7e5d0da8751c7b74251176c04a94414387eea784063335",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/540cf3c35861024a5f7e5d0da8751c7b74251176c04a94414387eea784063335/analysis/1498744935/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/540cf3c35861024a5f7e5d0da8751c7b74251176c04a94414387eea784063335"
},
{
"date": "06/29/2017 13:45:01",
"source": "deonaea 192.241.x.x",
"name": "dd6cfd4dbaf2aad1450ddf7b3ed19b51",
"hash": "e913ed5fdc62fcf838a6c82f9448e0a679c06be724bbb808f7c388425603a33c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/e913ed5fdc62fcf838a6c82f9448e0a679c06be724bbb808f7c388425603a33c/analysis/1498744807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dd6cfd4dbaf2aad1450ddf7b3ed19b51"
},
{
"date": "06/29/2017 12:45:01",
"source": "deonaea 192.241.x.x",
"name": "8120185b3bc43a532748f94d973b2d28",
"hash": "ac6cad827374007d0f39befbcbe6b440930ace0fe46e48ccbc7e28d2055ae2f0",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/ac6cad827374007d0f39befbcbe6b440930ace0fe46e48ccbc7e28d2055ae2f0/analysis/1498741207/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8120185b3bc43a532748f94d973b2d28"
},
{
"date": "06/29/2017 09:45:01",
"source": "cowrie 159.203.x.x",
"name": "fc9371ec1cc192f434249afc4644288b28be2035d3cce20dda69868fbb1bd018",
"hash": "fc9371ec1cc192f434249afc4644288b28be2035d3cce20dda69868fbb1bd018",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.0818009C",
"virustotal": "https://www.virustotal.com/file/fc9371ec1cc192f434249afc4644288b28be2035d3cce20dda69868fbb1bd018/analysis/1498637104/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fc9371ec1cc192f434249afc4644288b28be2035d3cce20dda69868fbb1bd018"
},
{
"date": "06/29/2017 07:55:02",
"source": "cowrie 159.203.x.x",
"name": "596df4acbbd558ea4c6da5141c3e0eb57887cd8171563abfc3804151fe0d04ee",
"hash": "596df4acbbd558ea4c6da5141c3e0eb57887cd8171563abfc3804151fe0d04ee",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/596df4acbbd558ea4c6da5141c3e0eb57887cd8171563abfc3804151fe0d04ee/analysis/1498723206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/596df4acbbd558ea4c6da5141c3e0eb57887cd8171563abfc3804151fe0d04ee"
},
{
"date": "06/29/2017 05:40:01",
"source": "deonaea 159.203.x.x",
"name": "smb-93o2pi2x.tmp",
"hash": "196461280d5ac9bf706164c6d6a81e44c76a106e095e1506b52ca0940d582991",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Win32.SMTP-Mailer.dqW@aSUwtlbG",
"virustotal": "https://www.virustotal.com/file/196461280d5ac9bf706164c6d6a81e44c76a106e095e1506b52ca0940d582991/analysis/1498624876/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-93o2pi2x.tmp"
},
{
"date": "06/29/2017 00:55:01",
"source": "cowrie 159.203.x.x",
"name": "8ff09492faefdc030bdbb2f0cac7e031a077ba0a91b6956a592e1bd43efff83c",
"hash": "8ff09492faefdc030bdbb2f0cac7e031a077ba0a91b6956a592e1bd43efff83c",
"type": "POSIX shell script, ASCII text executable, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/8ff09492faefdc030bdbb2f0cac7e031a077ba0a91b6956a592e1bd43efff83c/analysis/1498683185/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8ff09492faefdc030bdbb2f0cac7e031a077ba0a91b6956a592e1bd43efff83c"
},
{
"date": "06/28/2017 17:25:01",
"source": "viper 45.55.x.x",
"name": "http-wjnK0B",
"hash": "29a3086e027f52fc0781f2ad19ae37f4e48a0b35b793fde37ba5b511e9eaaf04",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.375750",
"virustotal": "https://www.virustotal.com/file/29a3086e027f52fc0781f2ad19ae37f4e48a0b35b793fde37ba5b511e9eaaf04/analysis/1498666524/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-wjnK0B"
},
{
"date": "06/28/2017 17:25:01",
"source": "deonaea 192.241.x.x",
"name": "2de80698ede8016263800d3e0eb3adbb",
"hash": "fdcc89f89bdbdf4b922f3fa25af24bdf50c39e9a3cf089f56e5264b7ed366fd2",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.341722AE",
"virustotal": "https://www.virustotal.com/file/fdcc89f89bdbdf4b922f3fa25af24bdf50c39e9a3cf089f56e5264b7ed366fd2/analysis/1498491788/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2de80698ede8016263800d3e0eb3adbb"
},
{
"date": "06/28/2017 04:15:01",
"source": "deonaea 192.241.x.x",
"name": "b3f7a6c9b77b0e4eb748dda93460032a",
"hash": "c07fec30842bfed3a85611969d5cc5e8e57619b9432dfdbb4500fe167fe8a8d2",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit.N",
"virustotal": "https://www.virustotal.com/file/c07fec30842bfed3a85611969d5cc5e8e57619b9432dfdbb4500fe167fe8a8d2/analysis/1498585327/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b3f7a6c9b77b0e4eb748dda93460032a"
},
{
"date": "06/28/2017 04:15:01",
"source": "deonaea 192.241.x.x",
"name": "a9c221b09316095727a80e0f7647a4bd",
"hash": "6e292240be6a2608883fcf579fe763b58afabb6213a4335b2d34b0d8a9eb4cd3",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Ramnit.N",
"virustotal": "https://www.virustotal.com/file/6e292240be6a2608883fcf579fe763b58afabb6213a4335b2d34b0d8a9eb4cd3/analysis/1498585402/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a9c221b09316095727a80e0f7647a4bd"
},
{
"date": "06/28/2017 03:05:01",
"source": "deonaea 159.203.x.x",
"name": "a434ad1696258dec5357d78a8b8974ae",
"hash": "ac2023225e8b82c01d9610fa83cc66eb47f9e1428dcfed51b5db832cb03df41a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.371459",
"virustotal": "https://www.virustotal.com/file/ac2023225e8b82c01d9610fa83cc66eb47f9e1428dcfed51b5db832cb03df41a/analysis/1498356025/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a434ad1696258dec5357d78a8b8974ae"
},
{
"date": "06/28/2017 02:30:01",
"source": "deonaea 159.203.x.x",
"name": "040053a6988a0753dd0bdb1d54c9f09a",
"hash": "978db54974c450ab587649d9c1e19935a6e00344a74d01a355f9752aa7a6f126",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.59774",
"virustotal": "https://www.virustotal.com/file/978db54974c450ab587649d9c1e19935a6e00344a74d01a355f9752aa7a6f126/analysis/1498611911/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/040053a6988a0753dd0bdb1d54c9f09a"
},
{
"date": "06/28/2017 02:30:01",
"source": "cowrie 159.203.x.x",
"name": "811c76aee747ccfbed8d17ed7ba2fe7f4cd2b8259d149e1c2dea02bc169e71c2",
"hash": "811c76aee747ccfbed8d17ed7ba2fe7f4cd2b8259d149e1c2dea02bc169e71c2",
"type": "POSIX shell script, ASCII text executable",
"classification": "BV:Downloader-JQ [Drp]",
"virustotal": "https://www.virustotal.com/file/811c76aee747ccfbed8d17ed7ba2fe7f4cd2b8259d149e1c2dea02bc169e71c2/analysis/1498606206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/811c76aee747ccfbed8d17ed7ba2fe7f4cd2b8259d149e1c2dea02bc169e71c2"
},
{
"date": "06/28/2017 01:50:01",
"source": "deonaea 192.241.x.x",
"name": "8abff333b92af2add6cf1512af67f2f8",
"hash": "baf62759df12d1503ea5211727959fc40b08ca4347f99cb60429c35ed1f63ff7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.216802",
"virustotal": "https://www.virustotal.com/file/baf62759df12d1503ea5211727959fc40b08ca4347f99cb60429c35ed1f63ff7/analysis/1498521526/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8abff333b92af2add6cf1512af67f2f8"
},
{
"date": "06/27/2017 16:35:01",
"source": "cowrie 159.203.x.x",
"name": "8882bea82ecd69492abd1adcff7d198e1b0fdf2682d69a4cfc8146e2b4b76d18",
"hash": "8882bea82ecd69492abd1adcff7d198e1b0fdf2682d69a4cfc8146e2b4b76d18",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.801A9259",
"virustotal": "https://www.virustotal.com/file/8882bea82ecd69492abd1adcff7d198e1b0fdf2682d69a4cfc8146e2b4b76d18/analysis/1498582807/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8882bea82ecd69492abd1adcff7d198e1b0fdf2682d69a4cfc8146e2b4b76d18"
},
{
"date": "06/27/2017 16:35:01",
"source": "cowrie 159.203.x.x",
"name": "4cd77fbb329effbd0e4047ca984caa054e5f5d30939937bb6f4b9ed732ea1b12",
"hash": "4cd77fbb329effbd0e4047ca984caa054e5f5d30939937bb6f4b9ed732ea1b12",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.CDC97614",
"virustotal": "https://www.virustotal.com/file/4cd77fbb329effbd0e4047ca984caa054e5f5d30939937bb6f4b9ed732ea1b12/analysis/1498582843/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4cd77fbb329effbd0e4047ca984caa054e5f5d30939937bb6f4b9ed732ea1b12"
},
{
"date": "06/27/2017 13:35:01",
"source": "deonaea 159.203.x.x",
"name": "3550b969ef125f2b120d4cbb28857f5c",
"hash": "5d68c4af7edbd0e3202928399107b463e2cd6138e62954932771f5c5be183090",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Dropped:Generic.Malware.PPkg.3842181F",
"virustotal": "https://www.virustotal.com/file/5d68c4af7edbd0e3202928399107b463e2cd6138e62954932771f5c5be183090/analysis/1498483223/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3550b969ef125f2b120d4cbb28857f5c"
},
{
"date": "06/26/2017 23:25:01",
"source": "deonaea 192.241.x.x",
"name": "http-Lecz05",
"hash": "7d85d6f565529fef652eb99373488646c3baa5a9a4a57559877202f57f6112b2",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Kazy.2923",
"virustotal": "https://www.virustotal.com/file/7d85d6f565529fef652eb99373488646c3baa5a9a4a57559877202f57f6112b2/analysis/1449363752/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-Lecz05"
},
{
"date": "06/26/2017 22:30:01",
"source": "cowrie 159.203.x.x",
"name": "87ce978539e685cabcf4e87d21cbfca0aeede66e627a0a33cc67d4ea23633e2d",
"hash": "87ce978539e685cabcf4e87d21cbfca0aeede66e627a0a33cc67d4ea23633e2d",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.1CEFEEF0",
"virustotal": "https://www.virustotal.com/file/87ce978539e685cabcf4e87d21cbfca0aeede66e627a0a33cc67d4ea23633e2d/analysis/1498437006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/87ce978539e685cabcf4e87d21cbfca0aeede66e627a0a33cc67d4ea23633e2d"
},
{
"date": "06/26/2017 18:45:01",
"source": "deonaea 192.241.x.x",
"name": "94b432388eb811c034b91b0a0f699377",
"hash": "ee59e629a89a818dc0c0d9e4ecf4ce0e54db4f300e9b61853d16a01ffd3dafd4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "DeepScan:Generic.Sdbot.6A8FBF06",
"virustotal": "https://www.virustotal.com/file/ee59e629a89a818dc0c0d9e4ecf4ce0e54db4f300e9b61853d16a01ffd3dafd4/analysis/1498467167/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/94b432388eb811c034b91b0a0f699377"
},
{
"date": "06/26/2017 17:20:01",
"source": "cowrie 159.203.x.x",
"name": "fadb1fb39e53dfff01d90bedcb98d5d699e13e692d5bdd35cdb008d7a4484d4c",
"hash": "fadb1fb39e53dfff01d90bedcb98d5d699e13e692d5bdd35cdb008d7a4484d4c",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/fadb1fb39e53dfff01d90bedcb98d5d699e13e692d5bdd35cdb008d7a4484d4c/analysis/1498498207/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fadb1fb39e53dfff01d90bedcb98d5d699e13e692d5bdd35cdb008d7a4484d4c"
},
{
"date": "06/26/2017 12:50:01",
"source": "deonaea 159.203.x.x",
"name": "07a7ea1eeb988a77710cf25e31adfb55",
"hash": "7d99db10fc754bc0b7eb3067ddd39eeb9ca621193e7170b229abddc5d1a04f22",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/7d99db10fc754bc0b7eb3067ddd39eeb9ca621193e7170b229abddc5d1a04f22/analysis/1498285018/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/07a7ea1eeb988a77710cf25e31adfb55"
},
{
"date": "06/26/2017 11:00:01",
"source": "deonaea 159.203.x.x",
"name": "smb-qq7tui3n.tmp",
"hash": "0c98eea4c907d1326a18abdb95462dedb5c9b800caba4fe7223343e4af30fdd7",
"type": "data",
"classification": "Trojan.Generic.21428744",
"virustotal": "https://www.virustotal.com/file/0c98eea4c907d1326a18abdb95462dedb5c9b800caba4fe7223343e4af30fdd7/analysis/1497608223/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-qq7tui3n.tmp"
},
{
"date": "06/26/2017 02:15:01",
"source": "cowrie 159.203.x.x",
"name": "5f41ae4c7cc7f4c46cecf777eb27cd2afc5963293ab398638a19b78db322d612",
"hash": "5f41ae4c7cc7f4c46cecf777eb27cd2afc5963293ab398638a19b78db322d612",
"type": "ASCII text, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/5f41ae4c7cc7f4c46cecf777eb27cd2afc5963293ab398638a19b78db322d612/analysis/1498273271/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5f41ae4c7cc7f4c46cecf777eb27cd2afc5963293ab398638a19b78db322d612"
},
{
"date": "06/26/2017 00:25:01",
"source": "deonaea 192.241.x.x",
"name": "e4bc44d9b592322f27f504da4ae07ba8",
"hash": "c6ff3e34be1ed494b92322d2eb02b295e4a591ec6691061965b321a0d6b68f6d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/c6ff3e34be1ed494b92322d2eb02b295e4a591ec6691061965b321a0d6b68f6d/analysis/1498437043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e4bc44d9b592322f27f504da4ae07ba8"
},
{
"date": "06/26/2017 00:25:01",
"source": "deonaea 192.241.x.x",
"name": "bc226be10f1baf442ac8af9618ff9210",
"hash": "81d8ff0dd5c3a6c7f0559c88132c4bc2b67bafd278e2ff8c8c6ae81809b346bb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bc226be10f1baf442ac8af9618ff9210"
},
{
"date": "06/26/2017 00:00:01",
"source": "cowrie 159.203.x.x",
"name": "dbca618b3842cd6e462d0a5461f9852877567cb7ef5359ed73b59a0a79063ede",
"hash": "dbca618b3842cd6e462d0a5461f9852877567cb7ef5359ed73b59a0a79063ede",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.357F1C8B",
"virustotal": "https://www.virustotal.com/file/dbca618b3842cd6e462d0a5461f9852877567cb7ef5359ed73b59a0a79063ede/analysis/1498435206/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dbca618b3842cd6e462d0a5461f9852877567cb7ef5359ed73b59a0a79063ede"
},
{
"date": "06/25/2017 17:35:01",
"source": "deonaea 192.241.x.x",
"name": "dfc9fd46007ccc9d3b7646c1af8ea131",
"hash": "e50c286c91089a47d76262721e69105c5d20a3d7cf10ae12d2c51d44109f94a4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Dropped:Generic.Malware.PPkg.7C5743D6",
"virustotal": "https://www.virustotal.com/file/e50c286c91089a47d76262721e69105c5d20a3d7cf10ae12d2c51d44109f94a4/analysis/1497930136/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/dfc9fd46007ccc9d3b7646c1af8ea131"
},
{
"date": "06/25/2017 17:10:01",
"source": "deonaea 192.241.x.x",
"name": "3473c37992f49b29d53b9e7cc5c0e077",
"hash": "d8bc237c5ddc805580438f69346310cc3250b25910ccd99aa197034237ebc4a7",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Win32:Evo-gen [Susp]",
"virustotal": "https://www.virustotal.com/file/d8bc237c5ddc805580438f69346310cc3250b25910ccd99aa197034237ebc4a7/analysis/1498398020/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3473c37992f49b29d53b9e7cc5c0e077"
},
{
"date": "06/25/2017 16:00:01",
"source": "cowrie 159.203.x.x",
"name": "3c8d5e934ab50c32f6273c544394120ba006b1a01962845812cebb5018d71ec9",
"hash": "3c8d5e934ab50c32f6273c544394120ba006b1a01962845812cebb5018d71ec9",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.034AD635",
"virustotal": "https://www.virustotal.com/file/3c8d5e934ab50c32f6273c544394120ba006b1a01962845812cebb5018d71ec9/analysis/1498215977/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3c8d5e934ab50c32f6273c544394120ba006b1a01962845812cebb5018d71ec9"
},
{
"date": "06/25/2017 15:45:01",
"source": "cowrie 159.203.x.x",
"name": "b98dcb900c1abeddb5088e4fff839e4a01b4fb62f169b16474006443f09dd795",
"hash": "b98dcb900c1abeddb5088e4fff839e4a01b4fb62f169b16474006443f09dd795",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.4E2B1AA5",
"virustotal": "https://www.virustotal.com/file/b98dcb900c1abeddb5088e4fff839e4a01b4fb62f169b16474006443f09dd795/analysis/1498406409/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b98dcb900c1abeddb5088e4fff839e4a01b4fb62f169b16474006443f09dd795"
},
{
"date": "06/25/2017 15:45:01",
"source": "cowrie 159.203.x.x",
"name": "a2d8a4dd0eafe467fb2141542632cd9f4460c5c6fd6c3f70c12fc897734b2368",
"hash": "a2d8a4dd0eafe467fb2141542632cd9f4460c5c6fd6c3f70c12fc897734b2368",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.58123E35",
"virustotal": "https://www.virustotal.com/file/a2d8a4dd0eafe467fb2141542632cd9f4460c5c6fd6c3f70c12fc897734b2368/analysis/1498288381/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a2d8a4dd0eafe467fb2141542632cd9f4460c5c6fd6c3f70c12fc897734b2368"
},
{
"date": "06/25/2017 11:30:01",
"source": "deonaea 192.241.x.x",
"name": "8f4a040f2c59d5f8a3c4b07b0bf33195",
"hash": "2c4815615791da32229b516336832b5cfdaf53cdf6f37e8feeb76ffe3ba91e2b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Generic.ServStart.A.B14120F2",
"virustotal": "https://www.virustotal.com/file/2c4815615791da32229b516336832b5cfdaf53cdf6f37e8feeb76ffe3ba91e2b/analysis/1498372113/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8f4a040f2c59d5f8a3c4b07b0bf33195"
},
{
"date": "06/25/2017 02:45:01",
"source": "cowrie 159.203.x.x",
"name": "5068fba573078e3faa1ed9114416465631e88a1bbb0a62877bf7b49f2be19cc9",
"hash": "5068fba573078e3faa1ed9114416465631e88a1bbb0a62877bf7b49f2be19cc9",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.A3EDB2EA",
"virustotal": "https://www.virustotal.com/file/5068fba573078e3faa1ed9114416465631e88a1bbb0a62877bf7b49f2be19cc9/analysis/1497682747/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5068fba573078e3faa1ed9114416465631e88a1bbb0a62877bf7b49f2be19cc9"
},
{
"date": "06/25/2017 02:40:01",
"source": "cowrie 159.203.x.x",
"name": "083cfe033ee0b1d3ab2ea0fee852904c147f09c8daab76989fa46c2afaa9b8fb",
"hash": "083cfe033ee0b1d3ab2ea0fee852904c147f09c8daab76989fa46c2afaa9b8fb",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.30043F16",
"virustotal": "https://www.virustotal.com/file/083cfe033ee0b1d3ab2ea0fee852904c147f09c8daab76989fa46c2afaa9b8fb/analysis/1497473043/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/083cfe033ee0b1d3ab2ea0fee852904c147f09c8daab76989fa46c2afaa9b8fb"
},
{
"date": "06/25/2017 01:55:01",
"source": "cowrie 159.203.x.x",
"name": "87d27576bf997c080fb71015431c35273c8acda78084f93b070b351371a21d4f",
"hash": "87d27576bf997c080fb71015431c35273c8acda78084f93b070b351371a21d4f",
"type": "POSIX shell script, ASCII text executable, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/87d27576bf997c080fb71015431c35273c8acda78084f93b070b351371a21d4f/analysis/1498341026/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/87d27576bf997c080fb71015431c35273c8acda78084f93b070b351371a21d4f"
},
{
"date": "06/24/2017 16:15:01",
"source": "cowrie 159.203.x.x",
"name": "56da30ccd9ee3d4588839117491ea10fe42fcdd80904187837275991bb2560bd",
"hash": "56da30ccd9ee3d4588839117491ea10fe42fcdd80904187837275991bb2560bd",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/56da30ccd9ee3d4588839117491ea10fe42fcdd80904187837275991bb2560bd/analysis/1498082993/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/56da30ccd9ee3d4588839117491ea10fe42fcdd80904187837275991bb2560bd"
},
{
"date": "06/24/2017 09:00:01",
"source": "cowrie 159.203.x.x",
"name": "c289642bda6ddd4ae790e4dd8e1afbbf6c4375e111bdf60686e7d8e223f95838",
"hash": "c289642bda6ddd4ae790e4dd8e1afbbf6c4375e111bdf60686e7d8e223f95838",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.38DE1F53",
"virustotal": "https://www.virustotal.com/file/c289642bda6ddd4ae790e4dd8e1afbbf6c4375e111bdf60686e7d8e223f95838/analysis/1498293235/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c289642bda6ddd4ae790e4dd8e1afbbf6c4375e111bdf60686e7d8e223f95838"
},
{
"date": "06/24/2017 04:55:01",
"source": "deonaea 192.241.x.x",
"name": "a7132b572b0e4008aab711fa334dc43e",
"hash": "45da4df052f912aa904472f3e4411ac5fc57fc89052677dcf2d087e433053687",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.298305",
"virustotal": "https://www.virustotal.com/file/45da4df052f912aa904472f3e4411ac5fc57fc89052677dcf2d087e433053687/analysis/1498076592/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a7132b572b0e4008aab711fa334dc43e"
},
{
"date": "06/23/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "bb743557d1ebd710d3dbbb0f22102541e4c689adbba9527e2058b9ef96564f99",
"hash": "bb743557d1ebd710d3dbbb0f22102541e4c689adbba9527e2058b9ef96564f99",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/bb743557d1ebd710d3dbbb0f22102541e4c689adbba9527e2058b9ef96564f99/analysis/1498215969/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bb743557d1ebd710d3dbbb0f22102541e4c689adbba9527e2058b9ef96564f99"
},
{
"date": "06/23/2017 09:55:01",
"source": "cowrie 159.203.x.x",
"name": "aa47266d8687bc6bc227aa812db126c9f38fe5a50a09414c9db890001e4d6384",
"hash": "aa47266d8687bc6bc227aa812db126c9f38fe5a50a09414c9db890001e4d6384",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.8FF47BA5",
"virustotal": "https://www.virustotal.com/file/aa47266d8687bc6bc227aa812db126c9f38fe5a50a09414c9db890001e4d6384/analysis/1498046898/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/aa47266d8687bc6bc227aa812db126c9f38fe5a50a09414c9db890001e4d6384"
},
{
"date": "06/23/2017 09:35:01",
"source": "cowrie 159.203.x.x",
"name": "601bbbe4e80c8b67e004c810ff77cc533cc9aaf1f3704514ec3d5f6b9a99709b",
"hash": "601bbbe4e80c8b67e004c810ff77cc533cc9aaf1f3704514ec3d5f6b9a99709b",
"type": "Python script, UTF-8 Unicode (with BOM) text executable",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/601bbbe4e80c8b67e004c810ff77cc533cc9aaf1f3704514ec3d5f6b9a99709b/analysis/1498212007/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/601bbbe4e80c8b67e004c810ff77cc533cc9aaf1f3704514ec3d5f6b9a99709b"
},
{
"date": "06/23/2017 06:05:01",
"source": "deonaea 192.241.x.x",
"name": "smb-3jli7ue3.tmp",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1498190514/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-3jli7ue3.tmp"
},
{
"date": "06/22/2017 22:05:01",
"source": "cowrie 159.203.x.x",
"name": "36b10025566a5244eab7a7476008913f06b282e943ef439881b51a2c6910de5b",
"hash": "36b10025566a5244eab7a7476008913f06b282e943ef439881b51a2c6910de5b",
"type": "POSIX tar archive (GNU)",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/36b10025566a5244eab7a7476008913f06b282e943ef439881b51a2c6910de5b"
},
{
"date": "06/22/2017 15:05:01",
"source": "deonaea 192.241.x.x",
"name": "26c019e26aadea0ae9a85e4ccb2449fc",
"hash": "9c87b130a50d394e44dcbb86538b8953973fe076fc84bdc219bd4c29e13ba3e2",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Razy.25919",
"virustotal": "https://www.virustotal.com/file/9c87b130a50d394e44dcbb86538b8953973fe076fc84bdc219bd4c29e13ba3e2/analysis/1498120128/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/26c019e26aadea0ae9a85e4ccb2449fc"
},
{
"date": "06/22/2017 10:30:01",
"source": "cowrie 159.203.x.x",
"name": "d79b9dda9048a8c2943a3677ff6022691dcaa0471aa4b38078540ff5f4cc2614",
"hash": "d79b9dda9048a8c2943a3677ff6022691dcaa0471aa4b38078540ff5f4cc2614",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.D1D3142A",
"virustotal": "https://www.virustotal.com/file/d79b9dda9048a8c2943a3677ff6022691dcaa0471aa4b38078540ff5f4cc2614/analysis/1498041634/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d79b9dda9048a8c2943a3677ff6022691dcaa0471aa4b38078540ff5f4cc2614"
},
{
"date": "06/22/2017 05:40:01",
"source": "deonaea 159.203.x.x",
"name": "ab76fbf9bce0e6554ea5a3bb2bb5bb0b",
"hash": "994aef3a73e57aeff291e7253d234493a057150e69f9fd821a112ea019afe2e3",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.91831",
"virustotal": "https://www.virustotal.com/file/994aef3a73e57aeff291e7253d234493a057150e69f9fd821a112ea019afe2e3/analysis/1498106662/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ab76fbf9bce0e6554ea5a3bb2bb5bb0b"
},
{
"date": "06/22/2017 05:40:01",
"source": "deonaea 159.203.x.x",
"name": "29c7a69488c837e671abc88cb55bfff4",
"hash": "a6aa957ebc0370d0af7bc068cdf33c2ccde09cb9a7789213570910394d284242",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.156226",
"virustotal": "https://www.virustotal.com/file/a6aa957ebc0370d0af7bc068cdf33c2ccde09cb9a7789213570910394d284242/analysis/1498106693/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/29c7a69488c837e671abc88cb55bfff4"
},
{
"date": "06/22/2017 03:00:01",
"source": "deonaea 192.241.x.x",
"name": "2e0f426b6f63ffb302336054f60d1069",
"hash": "170a28586c2295a50fab7383f827494184e16963fe3eb5c7e7b541b801d54430",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.50967",
"virustotal": "https://www.virustotal.com/file/170a28586c2295a50fab7383f827494184e16963fe3eb5c7e7b541b801d54430/analysis/1497969924/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2e0f426b6f63ffb302336054f60d1069"
},
{
"date": "06/22/2017 01:05:01",
"source": "cowrie 159.203.x.x",
"name": "a54209bf38c70e99cafb13b76862523cee94c6fd9b020e26f2a74a2efd1db747",
"hash": "a54209bf38c70e99cafb13b76862523cee94c6fd9b020e26f2a74a2efd1db747",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Mirai.a",
"virustotal": "https://www.virustotal.com/file/a54209bf38c70e99cafb13b76862523cee94c6fd9b020e26f2a74a2efd1db747/analysis/1497679882/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a54209bf38c70e99cafb13b76862523cee94c6fd9b020e26f2a74a2efd1db747"
},
{
"date": "06/22/2017 01:00:01",
"source": "cowrie 159.203.x.x",
"name": "09590e1d156578e7815153717099f1ff3dbcef3efcfc44aa53436392884539d7",
"hash": "09590e1d156578e7815153717099f1ff3dbcef3efcfc44aa53436392884539d7",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.5B69A373",
"virustotal": "https://www.virustotal.com/file/09590e1d156578e7815153717099f1ff3dbcef3efcfc44aa53436392884539d7/analysis/1497798504/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/09590e1d156578e7815153717099f1ff3dbcef3efcfc44aa53436392884539d7"
},
{
"date": "06/21/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "597dd29f4151a6ec220609c6ba026d6abf1f03d76b6063222371d6cadf75bd4a",
"hash": "597dd29f4151a6ec220609c6ba026d6abf1f03d76b6063222371d6cadf75bd4a",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/597dd29f4151a6ec220609c6ba026d6abf1f03d76b6063222371d6cadf75bd4a/analysis/1498071343/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/597dd29f4151a6ec220609c6ba026d6abf1f03d76b6063222371d6cadf75bd4a"
},
{
"date": "06/21/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "459389280fcf89668023b1b8e671eca787697b0d17f0735f1cd4f9e42c76ad90",
"hash": "459389280fcf89668023b1b8e671eca787697b0d17f0735f1cd4f9e42c76ad90",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/459389280fcf89668023b1b8e671eca787697b0d17f0735f1cd4f9e42c76ad90/analysis/1498071343/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/459389280fcf89668023b1b8e671eca787697b0d17f0735f1cd4f9e42c76ad90"
},
{
"date": "06/21/2017 23:00:01",
"source": "cowrie 159.203.x.x",
"name": "128a4e6ead85048aa6eeeef76cc7b77036d360c0e7b55d8b462eeb99bf2b4916",
"hash": "128a4e6ead85048aa6eeeef76cc7b77036d360c0e7b55d8b462eeb99bf2b4916",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.as",
"virustotal": "https://www.virustotal.com/file/128a4e6ead85048aa6eeeef76cc7b77036d360c0e7b55d8b462eeb99bf2b4916/analysis/1498033091/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/128a4e6ead85048aa6eeeef76cc7b77036d360c0e7b55d8b462eeb99bf2b4916"
},
{
"date": "06/21/2017 22:30:01",
"source": "deonaea 159.203.x.x",
"name": "e49bce75070a7a3c63a7cebb699342b3",
"hash": "16d49a40333f584b19606733b4deef1b9ecace2c32950010ad1450b44ce3716e",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Trojan.Win32.Small.cvg",
"virustotal": "https://www.virustotal.com/file/16d49a40333f584b19606733b4deef1b9ecace2c32950010ad1450b44ce3716e/analysis/1496648252/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e49bce75070a7a3c63a7cebb699342b3"
},
{
"date": "06/21/2017 22:30:01",
"source": "deonaea 159.203.x.x",
"name": "85956d7b3126d1793b2e40b07906ee1a",
"hash": "5d6b44d5353d6c1d3c90cc2caaa3d3c408f30320ae75e48a845bd93efa67edca",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Exploit.CVE-2015-1701.A",
"virustotal": "https://www.virustotal.com/file/5d6b44d5353d6c1d3c90cc2caaa3d3c408f30320ae75e48a845bd93efa67edca/analysis/1496637494/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/85956d7b3126d1793b2e40b07906ee1a"
},
{
"date": "06/21/2017 22:30:01",
"source": "deonaea 159.203.x.x",
"name": "2cc80b81edb2133206d29ec44ed8aaa1",
"hash": "e2946ecb747a6671e7655aaa0c781e22c965284a10bbe983f59dca46128ce671",
"type": "PE32+ executable (console) x86-64, for MS Windows",
"classification": "Exploit.CVE-2015-1701.A",
"virustotal": "https://www.virustotal.com/file/e2946ecb747a6671e7655aaa0c781e22c965284a10bbe983f59dca46128ce671/analysis/1496637428/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2cc80b81edb2133206d29ec44ed8aaa1"
},
{
"date": "06/21/2017 22:30:01",
"source": "deonaea 159.203.x.x",
"name": "1cc220919b386853ab90fdd8953a1e2d",
"hash": "58dd5d9587015b60df751cb86db5c6eede642480cce56912edcb362a1e4200b9",
"type": "PE32 executable (console) Intel 80386, for MS Windows",
"classification": "Exploit.Agent.AZ",
"virustotal": "https://www.virustotal.com/file/58dd5d9587015b60df751cb86db5c6eede642480cce56912edcb362a1e4200b9/analysis/1496982724/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1cc220919b386853ab90fdd8953a1e2d"
},
{
"date": "06/21/2017 22:30:01",
"source": "cowrie 159.203.x.x",
"name": "522066d0b384832a0680ab13fe442a61498c11545e336367815e46e454b8c069",
"hash": "522066d0b384832a0680ab13fe442a61498c11545e336367815e46e454b8c069",
"type": "Python script, UTF-8 Unicode text executable, with escape sequences",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/522066d0b384832a0680ab13fe442a61498c11545e336367815e46e454b8c069/analysis/1495000193/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/522066d0b384832a0680ab13fe442a61498c11545e336367815e46e454b8c069"
},
{
"date": "06/21/2017 17:45:01",
"source": "deonaea 192.241.x.x",
"name": "b00e920420c6b3fa615404dcaf340fd8",
"hash": "2d01432d65ff45f8eb8bf9cf33b44246917304671c930f916abb304298b1e669",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.B.9F7835A2",
"virustotal": "https://www.virustotal.com/file/2d01432d65ff45f8eb8bf9cf33b44246917304671c930f916abb304298b1e669/analysis/1497679489/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b00e920420c6b3fa615404dcaf340fd8"
},
{
"date": "06/21/2017 17:45:01",
"source": "deonaea 192.241.x.x",
"name": "240a54674ffc22ef383ed911eabfc904",
"hash": "a636e009a10922d4decb5e8a82212760d3760aba7ed4d63f58d769f7993db049",
"type": "data",
"classification": "Win32.Sality.3",
"virustotal": "https://www.virustotal.com/file/a636e009a10922d4decb5e8a82212760d3760aba7ed4d63f58d769f7993db049/analysis/1498068012/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/240a54674ffc22ef383ed911eabfc904"
},
{
"date": "06/21/2017 11:25:01",
"source": "deonaea 159.203.x.x",
"name": "855d803590b82b805357587c47c583f2",
"hash": "fd3cae55558bda7cf4290d5e9187504ab1f34adf948801ebff7d3fcb69f9e28f",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Trojan.Dropper.YRN",
"virustotal": "https://www.virustotal.com/file/fd3cae55558bda7cf4290d5e9187504ab1f34adf948801ebff7d3fcb69f9e28f/analysis/1498044610/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/855d803590b82b805357587c47c583f2"
},
{
"date": "06/20/2017 23:35:01",
"source": "cowrie 159.203.x.x",
"name": "c146f7ecef6ae30a3fbfb535d9f44ef68debf9545e396d2e9ce1c6e55c09b183",
"hash": "c146f7ecef6ae30a3fbfb535d9f44ef68debf9545e396d2e9ce1c6e55c09b183",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/c146f7ecef6ae30a3fbfb535d9f44ef68debf9545e396d2e9ce1c6e55c09b183/analysis/1495074554/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c146f7ecef6ae30a3fbfb535d9f44ef68debf9545e396d2e9ce1c6e55c09b183"
},
{
"date": "06/20/2017 23:35:01",
"source": "cowrie 159.203.x.x",
"name": "b50d8dcf5963867c22bebe01dd4b55aef92e38b30ef4152b5f009a29796d3873",
"hash": "b50d8dcf5963867c22bebe01dd4b55aef92e38b30ef4152b5f009a29796d3873",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/b50d8dcf5963867c22bebe01dd4b55aef92e38b30ef4152b5f009a29796d3873/analysis/1495074555/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b50d8dcf5963867c22bebe01dd4b55aef92e38b30ef4152b5f009a29796d3873"
},
{
"date": "06/20/2017 21:45:01",
"source": "deonaea 159.203.x.x",
"name": "b5feb6f4f1db495d285e788540fda3eb",
"hash": "a73c361d88095469054a40c8f56523de7d7386ee946d06cc4ba32a64fe38ee14",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Johnnie.11103",
"virustotal": "https://www.virustotal.com/file/a73c361d88095469054a40c8f56523de7d7386ee946d06cc4ba32a64fe38ee14/analysis/1497711586/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b5feb6f4f1db495d285e788540fda3eb"
},
{
"date": "06/20/2017 21:45:01",
"source": "deonaea 159.203.x.x",
"name": "6f3922a916f999c436898967b8f6a8a9",
"hash": "793b469a02c75743371a6ce1f4dfbccd75eefcfae5cd2475430cec6a3b461302",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.227927",
"virustotal": "https://www.virustotal.com/file/793b469a02c75743371a6ce1f4dfbccd75eefcfae5cd2475430cec6a3b461302/analysis/1495368619/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6f3922a916f999c436898967b8f6a8a9"
},
{
"date": "06/20/2017 21:35:01",
"source": "cowrie 159.203.x.x",
"name": "b2e7dabc4736f1d1234239092b80fd07ac1cc66788b1bc938fad08c3587da3d0",
"hash": "b2e7dabc4736f1d1234239092b80fd07ac1cc66788b1bc938fad08c3587da3d0",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/b2e7dabc4736f1d1234239092b80fd07ac1cc66788b1bc938fad08c3587da3d0/analysis/1497737311/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b2e7dabc4736f1d1234239092b80fd07ac1cc66788b1bc938fad08c3587da3d0"
},
{
"date": "06/20/2017 05:40:01",
"source": "cowrie 159.203.x.x",
"name": "3bb61c0ad19495ae554363823eb83657b403c3aacdf9cddb9b111c2c4321a6da",
"hash": "3bb61c0ad19495ae554363823eb83657b403c3aacdf9cddb9b111c2c4321a6da",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/3bb61c0ad19495ae554363823eb83657b403c3aacdf9cddb9b111c2c4321a6da/analysis/1494990102/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/3bb61c0ad19495ae554363823eb83657b403c3aacdf9cddb9b111c2c4321a6da"
},
{
"date": "06/19/2017 20:25:01",
"source": "deonaea 192.241.x.x",
"name": "85a4a667a7103c50ea4f8922d7c6dfc0",
"hash": "ceeeb883b0d0f966b7d48bac9f1ff0007ab06e8dc2b8c98f05cf3e5da4efe879",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.fmW@a4k7xN",
"virustotal": "https://www.virustotal.com/file/ceeeb883b0d0f966b7d48bac9f1ff0007ab06e8dc2b8c98f05cf3e5da4efe879/analysis/1497868619/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/85a4a667a7103c50ea4f8922d7c6dfc0"
},
{
"date": "06/19/2017 18:10:01",
"source": "deonaea 159.203.x.x",
"name": "http-9te05a1n.tmp",
"hash": "62584bb70cabd22302a5329a3cf1ddb2568466ce3af9fb557f65ef177e75aa07",
"type": "data",
"classification": "nondeterministic",
"virustotal": "" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-9te05a1n.tmp"
},
{
"date": "06/19/2017 16:00:01",
"source": "cowrie 159.203.x.x",
"name": "88031f9f3c95b9a771217c986e4d4630027da7f1a112882074db0776fb31aa79",
"hash": "88031f9f3c95b9a771217c986e4d4630027da7f1a112882074db0776fb31aa79",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.2E21CD0A",
"virustotal": "https://www.virustotal.com/file/88031f9f3c95b9a771217c986e4d4630027da7f1a112882074db0776fb31aa79/analysis/1497864642/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/88031f9f3c95b9a771217c986e4d4630027da7f1a112882074db0776fb31aa79"
},
{
"date": "06/19/2017 14:05:01",
"source": "cowrie 159.203.x.x",
"name": "1326ac7db131990b750fdb717520641a94861da821b5ad08a8e753e6aaf32cec",
"hash": "1326ac7db131990b750fdb717520641a94861da821b5ad08a8e753e6aaf32cec",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.CFEC9172",
"virustotal": "https://www.virustotal.com/file/1326ac7db131990b750fdb717520641a94861da821b5ad08a8e753e6aaf32cec/analysis/1497864606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1326ac7db131990b750fdb717520641a94861da821b5ad08a8e753e6aaf32cec"
},
{
"date": "06/19/2017 13:45:01",
"source": "deonaea 192.241.x.x",
"name": "a5bc2b790071ead004ed85280d8f3663",
"hash": "e469b928b7b8728664a52cda76ba377e79223dace3561c6a5a76ad3739718a78",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.335692",
"virustotal": "https://www.virustotal.com/file/e469b928b7b8728664a52cda76ba377e79223dace3561c6a5a76ad3739718a78/analysis/1496935164/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a5bc2b790071ead004ed85280d8f3663"
},
{
"date": "06/19/2017 12:55:01",
"source": "deonaea 192.241.x.x",
"name": "d3fab2fc2e536ac86522492d7de63b22",
"hash": "f0a31a58f960f53e49b3e97fa392d2084621a36139f7b46009edc710d77e21a6",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Graftor.267170",
"virustotal": "https://www.virustotal.com/file/f0a31a58f960f53e49b3e97fa392d2084621a36139f7b46009edc710d77e21a6/analysis/1497877313/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d3fab2fc2e536ac86522492d7de63b22"
},
{
"date": "06/19/2017 12:55:01",
"source": "deonaea 192.241.x.x",
"name": "53a5b0d60613d696a8b772282e11d648",
"hash": "7143025e3f6356cd628135debfdb0c72b0efe4ac726122f9cee6ac3f4db4481c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Graftor.267170",
"virustotal": "https://www.virustotal.com/file/7143025e3f6356cd628135debfdb0c72b0efe4ac726122f9cee6ac3f4db4481c/analysis/1497877349/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/53a5b0d60613d696a8b772282e11d648"
},
{
"date": "06/19/2017 12:45:01",
"source": "deonaea 192.241.x.x",
"name": "eb566d99270f11fa5568e1757e86d51b",
"hash": "ac5f6c98850aabe40fe35fc9742c5bc112429bfec68447397b743ac1c949dece",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Gen:Variant.Graftor.267170",
"virustotal": "https://www.virustotal.com/file/ac5f6c98850aabe40fe35fc9742c5bc112429bfec68447397b743ac1c949dece/analysis/1497877276/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eb566d99270f11fa5568e1757e86d51b"
},
{
"date": "06/19/2017 03:35:01",
"source": "deonaea 192.241.x.x",
"name": "30f3bccdf646ff0876976c7316ca9b10",
"hash": "31341074baf5042f33ba93ae2b3d12870458f5ae6fa17ede26b1dbeb11f3ef65",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.375750",
"virustotal": "https://www.virustotal.com/file/31341074baf5042f33ba93ae2b3d12870458f5ae6fa17ede26b1dbeb11f3ef65/analysis/1497828991/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/30f3bccdf646ff0876976c7316ca9b10"
},
{
"date": "06/19/2017 03:30:01",
"source": "deonaea 192.241.x.x",
"name": "http-VbRZFf",
"hash": "61433fa66eec2e65b44b0d56fe29d127b542d335efe84c8729ed5ce7473fe6fb",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.375750",
"virustotal": "https://www.virustotal.com/file/61433fa66eec2e65b44b0d56fe29d127b542d335efe84c8729ed5ce7473fe6fb/analysis/1497880889/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-VbRZFf"
},
{
"date": "06/19/2017 03:05:01",
"source": "deonaea 192.241.x.x",
"name": "04c443c60e974febeec4b84cdbbbad7b",
"hash": "7ee786b16a5358d48cca7c7e6d1278296bd4e3b02866a07989b897d6329d189e",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Zusy.195832",
"virustotal": "https://www.virustotal.com/file/7ee786b16a5358d48cca7c7e6d1278296bd4e3b02866a07989b897d6329d189e/analysis/1497772026/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/04c443c60e974febeec4b84cdbbbad7b"
},
{
"date": "06/19/2017 02:10:01",
"source": "deonaea 159.203.x.x",
"name": "79f68266a8559906d29733859f3ddf9c",
"hash": "a057b96eb55f1dbb24d94a7da934ebf27d0d926be13e1aec5158ba8d241dab95",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.50967",
"virustotal": "https://www.virustotal.com/file/a057b96eb55f1dbb24d94a7da934ebf27d0d926be13e1aec5158ba8d241dab95/analysis/1495986902/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/79f68266a8559906d29733859f3ddf9c"
},
{
"date": "06/19/2017 01:30:01",
"source": "deonaea 192.241.x.x",
"name": "825c27fb7c85d98102c23180c747b78e",
"hash": "e3f05e09be4e0954b20af223fb7a9faf4f052ad2743b35188d1cec3b0b64dcbe",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.52AC1392",
"virustotal": "https://www.virustotal.com/file/e3f05e09be4e0954b20af223fb7a9faf4f052ad2743b35188d1cec3b0b64dcbe/analysis/1497831443/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/825c27fb7c85d98102c23180c747b78e"
},
{
"date": "06/18/2017 12:05:01",
"source": "cowrie 159.203.x.x",
"name": "5b92fe42befacfbdd95d60f49bd2afb70768d50dde2a12b296386cffa6c07cfd",
"hash": "5b92fe42befacfbdd95d60f49bd2afb70768d50dde2a12b296386cffa6c07cfd",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "BV:Downloader-JS [Drp]",
"virustotal": "https://www.virustotal.com/file/5b92fe42befacfbdd95d60f49bd2afb70768d50dde2a12b296386cffa6c07cfd/analysis/1497740419/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5b92fe42befacfbdd95d60f49bd2afb70768d50dde2a12b296386cffa6c07cfd"
},
{
"date": "06/18/2017 12:05:01",
"source": "cowrie 159.203.x.x",
"name": "416cc5b10d4b1d694b0204630a0f5227195625d0be22cc4b77e7f98d1f78f029",
"hash": "416cc5b10d4b1d694b0204630a0f5227195625d0be22cc4b77e7f98d1f78f029",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.284A59C7",
"virustotal": "https://www.virustotal.com/file/416cc5b10d4b1d694b0204630a0f5227195625d0be22cc4b77e7f98d1f78f029/analysis/1497789006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/416cc5b10d4b1d694b0204630a0f5227195625d0be22cc4b77e7f98d1f78f029"
},
{
"date": "06/18/2017 09:35:01",
"source": "cowrie 159.203.x.x",
"name": "f88388a7250ab66c77d54834c0bd6422b7b761935b0a0c8aca88d2f2248be58d",
"hash": "f88388a7250ab66c77d54834c0bd6422b7b761935b0a0c8aca88d2f2248be58d",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.91F57972",
"virustotal": "https://www.virustotal.com/file/f88388a7250ab66c77d54834c0bd6422b7b761935b0a0c8aca88d2f2248be58d/analysis/1497359301/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f88388a7250ab66c77d54834c0bd6422b7b761935b0a0c8aca88d2f2248be58d"
},
{
"date": "06/18/2017 08:25:01",
"source": "deonaea 192.241.x.x",
"name": "2056716b819775e628ab8df8b4a45187",
"hash": "f8a86fb0798cd7c9bd926e9ef4158bf6f6fb922b9c30bd7d9e4c90080540ea8f",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "DeepScan:Generic.ServStart.D.D8BEF853",
"virustotal": "https://www.virustotal.com/file/f8a86fb0798cd7c9bd926e9ef4158bf6f6fb922b9c30bd7d9e4c90080540ea8f/analysis/1497771461/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2056716b819775e628ab8df8b4a45187"
},
{
"date": "06/18/2017 03:05:01",
"source": "cowrie 159.203.x.x",
"name": "219ce33a5a0d3b31a568649167305d02a5d77106405b5b468754ce0c5c44ced4",
"hash": "219ce33a5a0d3b31a568649167305d02a5d77106405b5b468754ce0c5c44ced4",
"type": "HTML document, ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/219ce33a5a0d3b31a568649167305d02a5d77106405b5b468754ce0c5c44ced4/analysis/1497745809/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/219ce33a5a0d3b31a568649167305d02a5d77106405b5b468754ce0c5c44ced4"
},
{
"date": "06/17/2017 21:25:01",
"source": "deonaea 192.241.x.x",
"name": "ffd0d65e05fa80f392a6c254bc4f2ff3",
"hash": "c1286590924ef45046027422f82345b7dafd05f0b9126add5bba644803621bb8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Trojan.Heur.RP.fmW@aWGDIB",
"virustotal": "https://www.virustotal.com/file/c1286590924ef45046027422f82345b7dafd05f0b9126add5bba644803621bb8/analysis/1497694203/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ffd0d65e05fa80f392a6c254bc4f2ff3"
},
{
"date": "06/17/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "fcaece29a4b756446034611e550a72be2e92ed6c01092339ad4430544b54d390",
"hash": "fcaece29a4b756446034611e550a72be2e92ed6c01092339ad4430544b54d390",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.6D5146E4",
"virustotal": "https://www.virustotal.com/file/fcaece29a4b756446034611e550a72be2e92ed6c01092339ad4430544b54d390/analysis/1497546304/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fcaece29a4b756446034611e550a72be2e92ed6c01092339ad4430544b54d390"
},
{
"date": "06/17/2017 17:40:01",
"source": "cowrie 159.203.x.x",
"name": "f67e0665894bdf3c5ef02c1485a05e3a2dc9dffb3637cb8fe7e13bdd04788955",
"hash": "f67e0665894bdf3c5ef02c1485a05e3a2dc9dffb3637cb8fe7e13bdd04788955",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.A4B06239",
"virustotal": "https://www.virustotal.com/file/f67e0665894bdf3c5ef02c1485a05e3a2dc9dffb3637cb8fe7e13bdd04788955/analysis/1497542715/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f67e0665894bdf3c5ef02c1485a05e3a2dc9dffb3637cb8fe7e13bdd04788955"
},
{
"date": "06/17/2017 12:25:01",
"source": "cowrie 159.203.x.x",
"name": "8ed19e85a5cd5fb0106e4066523fed1f8b100ef0ad557198fba10749cafabf1e",
"hash": "8ed19e85a5cd5fb0106e4066523fed1f8b100ef0ad557198fba10749cafabf1e",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/8ed19e85a5cd5fb0106e4066523fed1f8b100ef0ad557198fba10749cafabf1e/analysis/1495070633/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8ed19e85a5cd5fb0106e4066523fed1f8b100ef0ad557198fba10749cafabf1e"
},
{
"date": "06/17/2017 09:25:01",
"source": "cowrie 159.203.x.x",
"name": "75c3f09318f0b0de8430ca6f87e26f74493564f36f9257466f8ee33fcd489a52",
"hash": "75c3f09318f0b0de8430ca6f87e26f74493564f36f9257466f8ee33fcd489a52",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.8CA20294",
"virustotal": "https://www.virustotal.com/file/75c3f09318f0b0de8430ca6f87e26f74493564f36f9257466f8ee33fcd489a52/analysis/1497680309/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/75c3f09318f0b0de8430ca6f87e26f74493564f36f9257466f8ee33fcd489a52"
},
{
"date": "06/17/2017 09:25:01",
"source": "cowrie 159.203.x.x",
"name": "212ac82f689157fa928c25a0a5bd94bfbd66dc05bce5e0486b25582e910ef4b0",
"hash": "212ac82f689157fa928c25a0a5bd94bfbd66dc05bce5e0486b25582e910ef4b0",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.DF5ABEEC",
"virustotal": "https://www.virustotal.com/file/212ac82f689157fa928c25a0a5bd94bfbd66dc05bce5e0486b25582e910ef4b0/analysis/1497683106/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/212ac82f689157fa928c25a0a5bd94bfbd66dc05bce5e0486b25582e910ef4b0"
},
{
"date": "06/17/2017 05:30:01",
"source": "deonaea 192.241.x.x",
"name": "643bc6aa9dcabb7b1b819ea143ef42c4",
"hash": "4f43090922609dd9e9007d837e94f53cf0a6676fa5698dd47a2feb56a85a1426",
"type": "data",
"classification": "Gen:Win32.SMTP-Mailer.dqW@ai50NLaG",
"virustotal": "https://www.virustotal.com/file/4f43090922609dd9e9007d837e94f53cf0a6676fa5698dd47a2feb56a85a1426/analysis/1467502172/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/643bc6aa9dcabb7b1b819ea143ef42c4"
},
{
"date": "06/16/2017 23:15:01",
"source": "deonaea 192.241.x.x",
"name": "91e66b8856969adeb6ce5a7139932688",
"hash": "9d85a7442be08c0ad113fc2e69daf3038e9743ee7988a2e1230e645f283e7290",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.367942",
"virustotal": "https://www.virustotal.com/file/9d85a7442be08c0ad113fc2e69daf3038e9743ee7988a2e1230e645f283e7290/analysis/1497460295/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/91e66b8856969adeb6ce5a7139932688"
},
{
"date": "06/16/2017 19:45:01",
"source": "deonaea 159.203.x.x",
"name": "smb-tabp6qir.tmp",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1497585723/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-tabp6qir.tmp"
},
{
"date": "06/16/2017 17:00:01",
"source": "deonaea 192.241.x.x",
"name": "ce0a28a558b07ad3d9fa7b1225e5aa09",
"hash": "5e193a19db3f835821a9652474100e5a19fdad44247b31192f1f6a78c838011c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ZegostB.236E8B0F",
"virustotal": "https://www.virustotal.com/file/5e193a19db3f835821a9652474100e5a19fdad44247b31192f1f6a78c838011c/analysis/1492502591/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ce0a28a558b07ad3d9fa7b1225e5aa09"
},
{
"date": "06/16/2017 16:50:01",
"source": "deonaea 192.241.x.x",
"name": "http-02SxNO",
"hash": "0912f920d2ae8e64ee0cbed396524da8f82c2340e490fe4afdd85aac766a0d35",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32:Ramnit-CW",
"virustotal": "https://www.virustotal.com/file/0912f920d2ae8e64ee0cbed396524da8f82c2340e490fe4afdd85aac766a0d35/analysis/1497632442/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/http-02SxNO"
},
{
"date": "06/16/2017 00:40:01",
"source": "deonaea 159.203.x.x",
"name": "44062802e4930b1b6289067522307c9d",
"hash": "19b9a983ab2ca954aa008bd22315cfc762d13af765aed955f50bbc89a033c600",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/19b9a983ab2ca954aa008bd22315cfc762d13af765aed955f50bbc89a033c600/analysis/1497425458/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/44062802e4930b1b6289067522307c9d"
},
{
"date": "06/15/2017 23:10:01",
"source": "cowrie 159.203.x.x",
"name": "c885f6b89171755320b5030efec94bb3d9435f535e5a53df9326b97b6e458e7e",
"hash": "c885f6b89171755320b5030efec94bb3d9435f535e5a53df9326b97b6e458e7e",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.70CC2646",
"virustotal": "https://www.virustotal.com/file/c885f6b89171755320b5030efec94bb3d9435f535e5a53df9326b97b6e458e7e/analysis/1497524899/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c885f6b89171755320b5030efec94bb3d9435f535e5a53df9326b97b6e458e7e"
},
{
"date": "06/15/2017 23:10:01",
"source": "cowrie 159.203.x.x",
"name": "19d19c65e56f65ef1fbe1927e0c164b01d8ef250c0e270f5c9b02edd013b5a51",
"hash": "19d19c65e56f65ef1fbe1927e0c164b01d8ef250c0e270f5c9b02edd013b5a51",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/19d19c65e56f65ef1fbe1927e0c164b01d8ef250c0e270f5c9b02edd013b5a51/analysis/1496840911/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/19d19c65e56f65ef1fbe1927e0c164b01d8ef250c0e270f5c9b02edd013b5a51"
},
{
"date": "06/15/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "fe61561839e47d18fe164933a8abe71b941c4e35c2f909026e96a3f5c4222c0c",
"hash": "fe61561839e47d18fe164933a8abe71b941c4e35c2f909026e96a3f5c4222c0c",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.B5E5F707",
"virustotal": "https://www.virustotal.com/file/fe61561839e47d18fe164933a8abe71b941c4e35c2f909026e96a3f5c4222c0c/analysis/1497522606/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fe61561839e47d18fe164933a8abe71b941c4e35c2f909026e96a3f5c4222c0c"
},
{
"date": "06/15/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "f93fd023f0ebf045f90fa8eb9494e15a4657ac031775f525f47ba022732e12cd",
"hash": "f93fd023f0ebf045f90fa8eb9494e15a4657ac031775f525f47ba022732e12cd",
"type": "ASCII text",
"classification": "Generic.Bash.MiraiA.1ACC71A1",
"virustotal": "https://www.virustotal.com/file/f93fd023f0ebf045f90fa8eb9494e15a4657ac031775f525f47ba022732e12cd/analysis/1497525024/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f93fd023f0ebf045f90fa8eb9494e15a4657ac031775f525f47ba022732e12cd"
},
{
"date": "06/15/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "c245764eefa6bbf77ab3bdf801e3623bf301d5b2929eebadaa65928f07b2fb87",
"hash": "c245764eefa6bbf77ab3bdf801e3623bf301d5b2929eebadaa65928f07b2fb87",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "Generic.Bash.MiraiA.4556FA71",
"virustotal": "https://www.virustotal.com/file/c245764eefa6bbf77ab3bdf801e3623bf301d5b2929eebadaa65928f07b2fb87/analysis/1497522642/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c245764eefa6bbf77ab3bdf801e3623bf301d5b2929eebadaa65928f07b2fb87"
},
{
"date": "06/15/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "7fe18b507c08b887cda9236d2e8eb8830df833bd3901c4d7d6206b3e81712121",
"hash": "7fe18b507c08b887cda9236d2e8eb8830df833bd3901c4d7d6206b3e81712121",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Mirai.a",
"virustotal": "https://www.virustotal.com/file/7fe18b507c08b887cda9236d2e8eb8830df833bd3901c4d7d6206b3e81712121/analysis/1497265503/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7fe18b507c08b887cda9236d2e8eb8830df833bd3901c4d7d6206b3e81712121"
},
{
"date": "06/15/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "157781a6029821c39137ffc702f9418e1e230e654f23afe3c429c539baff2b27",
"hash": "157781a6029821c39137ffc702f9418e1e230e654f23afe3c429c539baff2b27",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/157781a6029821c39137ffc702f9418e1e230e654f23afe3c429c539baff2b27/analysis/1495063386/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/157781a6029821c39137ffc702f9418e1e230e654f23afe3c429c539baff2b27"
},
{
"date": "06/15/2017 22:40:01",
"source": "deonaea 159.203.x.x",
"name": "d04ca76f863e0aa00f3493b5633318a2",
"hash": "4dab1b484c385ca8df05d643ad104db4d204441e57e0a0ab8fca13650d8070ff",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Generic.Keylogger.2.AB3EE53C",
"virustotal": "https://www.virustotal.com/file/4dab1b484c385ca8df05d643ad104db4d204441e57e0a0ab8fca13650d8070ff/analysis/1497460110/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/d04ca76f863e0aa00f3493b5633318a2"
},
{
"date": "06/15/2017 19:05:01",
"source": "deonaea 159.203.x.x",
"name": "smb-dw2pvpjb.tmp",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1497537454/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-dw2pvpjb.tmp"
},
{
"date": "06/15/2017 19:00:01",
"source": "deonaea 159.203.x.x",
"name": "786ab616239814616642ba4438df78a9",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1497537454/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/786ab616239814616642ba4438df78a9"
},
{
"date": "06/15/2017 09:05:01",
"source": "deonaea 159.203.x.x",
"name": "6d7ef86775a953d44f42dfcd53abd646",
"hash": "b22eaa732aabdb8c44a69c5365b07c3741d6a73f1b9ee1fdeceb7500383b60ae",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.59774",
"virustotal": "https://www.virustotal.com/file/b22eaa732aabdb8c44a69c5365b07c3741d6a73f1b9ee1fdeceb7500383b60ae/analysis/1496950683/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6d7ef86775a953d44f42dfcd53abd646"
},
{
"date": "06/14/2017 20:55:01",
"source": "deonaea 192.241.x.x",
"name": "8dd78e10c83b9275fdae25c1202f2f34",
"hash": "28f72620d219a8dc6fea8c911382b60a93f8b8a75befac85618c1dd599605342",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.C",
"virustotal": "https://www.virustotal.com/file/28f72620d219a8dc6fea8c911382b60a93f8b8a75befac85618c1dd599605342/analysis/1497216110/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8dd78e10c83b9275fdae25c1202f2f34"
},
{
"date": "06/14/2017 20:55:01",
"source": "deonaea 192.241.x.x",
"name": "0809e08efff784c9a0677caa98bac8d5",
"hash": "3ca260f492ed33b855f4284b7319775efabe8af5ab8dd67cb4b8409ed8e41ca9",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.13465",
"virustotal": "https://www.virustotal.com/file/3ca260f492ed33b855f4284b7319775efabe8af5ab8dd67cb4b8409ed8e41ca9/analysis/1497471522/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0809e08efff784c9a0677caa98bac8d5"
},
{
"date": "06/14/2017 16:10:01",
"source": "deonaea 192.241.x.x",
"name": "smb-usat43sz.tmp",
"hash": "4f43090922609dd9e9007d837e94f53cf0a6676fa5698dd47a2feb56a85a1426",
"type": "data",
"classification": "Gen:Win32.SMTP-Mailer.dqW@ai50NLaG",
"virustotal": "https://www.virustotal.com/file/4f43090922609dd9e9007d837e94f53cf0a6676fa5698dd47a2feb56a85a1426/analysis/1467502172/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-usat43sz.tmp"
},
{
"date": "06/14/2017 13:15:01",
"source": "deonaea 192.241.x.x",
"name": "e1664620fdeaed19f5db9cf0a282735d",
"hash": "dc82c67b6c28143f1211c7347e9e746e02b65b2e93354190fcb7f7c8276bfd97",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.335692",
"virustotal": "https://www.virustotal.com/file/dc82c67b6c28143f1211c7347e9e746e02b65b2e93354190fcb7f7c8276bfd97/analysis/1496901384/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e1664620fdeaed19f5db9cf0a282735d"
},
{
"date": "06/14/2017 13:15:01",
"source": "deonaea 192.241.x.x",
"name": "1a454bd70cab2443e7229f692eca876a",
"hash": "f9ac893ec6045806404fdc1d3f3a7170a481317c1655301204fef01126b92347",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.335692",
"virustotal": "https://www.virustotal.com/file/f9ac893ec6045806404fdc1d3f3a7170a481317c1655301204fef01126b92347/analysis/1497268114/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1a454bd70cab2443e7229f692eca876a"
},
{
"date": "06/13/2017 23:15:01",
"source": "deonaea 192.241.x.x",
"name": "7326f77b4ff19d06dfe62ad04d2b6de6",
"hash": "191efd73c3ea4a1c6e28a065948c1990057f2f8a2439d76a17fea29c9f622ec7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/191efd73c3ea4a1c6e28a065948c1990057f2f8a2439d76a17fea29c9f622ec7/analysis/1497335177/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7326f77b4ff19d06dfe62ad04d2b6de6"
},
{
"date": "06/13/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "44dc0ad1b0609f048217370bb5c8cb84e2d0e15ef9e84c7616743c1855537508",
"hash": "44dc0ad1b0609f048217370bb5c8cb84e2d0e15ef9e84c7616743c1855537508",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/44dc0ad1b0609f048217370bb5c8cb84e2d0e15ef9e84c7616743c1855537508/analysis/1497315966/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/44dc0ad1b0609f048217370bb5c8cb84e2d0e15ef9e84c7616743c1855537508"
},
{
"date": "06/13/2017 22:55:01",
"source": "deonaea 192.241.x.x",
"name": "a0e763b8598988f52dbb9b248440d6ba",
"hash": "8b3a466082d963a9182fc0fb97d9afeb4f469b3f7c4dc71df1dc977db29517ca",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.A.D9DAE432",
"virustotal": "https://www.virustotal.com/file/8b3a466082d963a9182fc0fb97d9afeb4f469b3f7c4dc71df1dc977db29517ca/analysis/1497248806/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a0e763b8598988f52dbb9b248440d6ba"
},
{
"date": "06/13/2017 22:00:01",
"source": "deonaea 192.241.x.x",
"name": "06e52100ca94b0bb1e89c58bea36c9ee",
"hash": "2fb7478e4c1b866ea886659139bb442d342d32bf60f2483af3a8aa61561bed7b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.13465",
"virustotal": "https://www.virustotal.com/file/2fb7478e4c1b866ea886659139bb442d342d32bf60f2483af3a8aa61561bed7b/analysis/1497389062/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/06e52100ca94b0bb1e89c58bea36c9ee"
},
{
"date": "06/13/2017 21:45:01",
"source": "cowrie 159.203.x.x",
"name": "ec7bf4e7c3129f31117d7e75d756db18b31c02e32ed8f7b91c6d4afa3dc32ecd",
"hash": "ec7bf4e7c3129f31117d7e75d756db18b31c02e32ed8f7b91c6d4afa3dc32ecd",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/ec7bf4e7c3129f31117d7e75d756db18b31c02e32ed8f7b91c6d4afa3dc32ecd/analysis/1496759972/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/ec7bf4e7c3129f31117d7e75d756db18b31c02e32ed8f7b91c6d4afa3dc32ecd"
},
{
"date": "06/13/2017 18:20:01",
"source": "deonaea 192.241.x.x",
"name": "b28f62e72ca7baae236ce4807237f197",
"hash": "1b9636bbf36b2580a0274b849f49a1de2f5ec727f0ca7537a00687648896e85a",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.335692",
"virustotal": "https://www.virustotal.com/file/1b9636bbf36b2580a0274b849f49a1de2f5ec727f0ca7537a00687648896e85a/analysis/1496918049/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/b28f62e72ca7baae236ce4807237f197"
},
{
"date": "06/13/2017 17:10:01",
"source": "deonaea 192.241.x.x",
"name": "smb-ro1f8y5r.tmp",
"hash": "4f43090922609dd9e9007d837e94f53cf0a6676fa5698dd47a2feb56a85a1426",
"type": "data",
"classification": "Gen:Win32.SMTP-Mailer.dqW@ai50NLaG",
"virustotal": "https://www.virustotal.com/file/4f43090922609dd9e9007d837e94f53cf0a6676fa5698dd47a2feb56a85a1426/analysis/1467502172/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-ro1f8y5r.tmp"
},
{
"date": "06/13/2017 12:10:01",
"source": "cowrie 159.203.x.x",
"name": "f757b5c6c5e0f49d98d89b24165568c8084c7d492c86b570d03e7ce3e736b18d",
"hash": "f757b5c6c5e0f49d98d89b24165568c8084c7d492c86b570d03e7ce3e736b18d",
"type": "Python script, ASCII text executable, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/f757b5c6c5e0f49d98d89b24165568c8084c7d492c86b570d03e7ce3e736b18d/analysis/1496644967/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f757b5c6c5e0f49d98d89b24165568c8084c7d492c86b570d03e7ce3e736b18d"
},
{
"date": "06/13/2017 01:55:01",
"source": "cowrie 159.203.x.x",
"name": "556621a8378beed77cfc160c980c4e48891bd6df63924e012706b7f275131d5a",
"hash": "556621a8378beed77cfc160c980c4e48891bd6df63924e012706b7f275131d5a",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/556621a8378beed77cfc160c980c4e48891bd6df63924e012706b7f275131d5a/analysis/1496430978/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/556621a8378beed77cfc160c980c4e48891bd6df63924e012706b7f275131d5a"
},
{
"date": "06/13/2017 01:55:01",
"source": "cowrie 159.203.x.x",
"name": "1d7750d9ee89eb29c3ca017dce35055bea42b4d8ecf713a4a3379f8f0b51808e",
"hash": "1d7750d9ee89eb29c3ca017dce35055bea42b4d8ecf713a4a3379f8f0b51808e",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/1d7750d9ee89eb29c3ca017dce35055bea42b4d8ecf713a4a3379f8f0b51808e/analysis/1497319241/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1d7750d9ee89eb29c3ca017dce35055bea42b4d8ecf713a4a3379f8f0b51808e"
},
{
"date": "06/12/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "f47ae12d78395307d836f2779669fd110be3ed57544a37e639060799bfae745d",
"hash": "f47ae12d78395307d836f2779669fd110be3ed57544a37e639060799bfae745d",
"type": "ASCII text",
"classification": "BV:Downloader-KB [Drp]",
"virustotal": "https://www.virustotal.com/file/f47ae12d78395307d836f2779669fd110be3ed57544a37e639060799bfae745d/analysis/1497024693/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f47ae12d78395307d836f2779669fd110be3ed57544a37e639060799bfae745d"
},
{
"date": "06/12/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "bddd2effcb332e93989cea45858cc7ea312413a9e4e12938903ff79e59ec45f2",
"hash": "bddd2effcb332e93989cea45858cc7ea312413a9e4e12938903ff79e59ec45f2",
"type": "POSIX shell script, ASCII text executable",
"classification": "Trojan.Downloader.BashAgent.ACO",
"virustotal": "https://www.virustotal.com/file/bddd2effcb332e93989cea45858cc7ea312413a9e4e12938903ff79e59ec45f2/analysis/1497024499/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/bddd2effcb332e93989cea45858cc7ea312413a9e4e12938903ff79e59ec45f2"
},
{
"date": "06/12/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "2409fb21fe377f7e12dda392f26d7c93b7715239169d362dd907fe499ab38ee9",
"hash": "2409fb21fe377f7e12dda392f26d7c93b7715239169d362dd907fe499ab38ee9",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped",
"classification": "Gen:Variant.Trojan.Linux.XorDDoS.2",
"virustotal": "https://www.virustotal.com/file/2409fb21fe377f7e12dda392f26d7c93b7715239169d362dd907fe499ab38ee9/analysis/1496563466/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2409fb21fe377f7e12dda392f26d7c93b7715239169d362dd907fe499ab38ee9"
},
{
"date": "06/12/2017 18:04:19",
"source": "deonaea 192.241.x.x",
"name": "smb-o5qu7wb2.tmp",
"hash": "015f5feba8bacde9bb2613c2330b7e7e0682d62502d35248bfb1a0a13f499c7a",
"type": "COM executable for DOS",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/015f5feba8bacde9bb2613c2330b7e7e0682d62502d35248bfb1a0a13f499c7a/analysis/1485151648/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-o5qu7wb2.tmp"
},
{
"date": "06/12/2017 18:04:19",
"source": "deonaea 192.241.x.x",
"name": "smb-msggztxe.tmp",
"hash": "db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb",
"type": "data",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/db5ce44e4c4ce6271d2e0a056e5abafdd7045f00d55c78450e64a87c2ed86efb/analysis/1497288302/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/smb-msggztxe.tmp"
},
{
"date": "06/12/2017 02:00:01",
"source": "deonaea 192.241.x.x",
"name": "2a315c033a96ecf2ab2555591ad8db06",
"hash": "caec4616133c9d9cdbfb5d53d11504d87c01ca6a0f18f7f922c38c74d2f1b708",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.ServStart.B.66553652",
"virustotal": "https://www.virustotal.com/file/caec4616133c9d9cdbfb5d53d11504d87c01ca6a0f18f7f922c38c74d2f1b708/analysis/1497221514/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2a315c033a96ecf2ab2555591ad8db06"
},
{
"date": "06/11/2017 19:40:01",
"source": "cowrie 159.203.x.x",
"name": "cb1d9c280fbdddf521946c9a6c026c1fa552e08e7a30ffcd2728744aedeaa6ec",
"hash": "cb1d9c280fbdddf521946c9a6c026c1fa552e08e7a30ffcd2728744aedeaa6ec",
"type": "POSIX shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/cb1d9c280fbdddf521946c9a6c026c1fa552e08e7a30ffcd2728744aedeaa6ec/analysis/1496358375/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cb1d9c280fbdddf521946c9a6c026c1fa552e08e7a30ffcd2728744aedeaa6ec"
},
{
"date": "06/11/2017 19:40:01",
"source": "cowrie 159.203.x.x",
"name": "4881209646afca418735a4ad6041dace3304dd6713b146df0acae576637169d8",
"hash": "4881209646afca418735a4ad6041dace3304dd6713b146df0acae576637169d8",
"type": "ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/4881209646afca418735a4ad6041dace3304dd6713b146df0acae576637169d8/analysis/1496358367/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4881209646afca418735a4ad6041dace3304dd6713b146df0acae576637169d8"
},
{
"date": "06/11/2017 16:40:02",
"source": "deonaea 192.241.x.x",
"name": "393e16509241cd979fffd32b2f3e7800",
"hash": "dc9fad06b482934f9b1a0d477773a963e9cf6e2a70db5ba1c2abc30537b3bf29",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.57816",
"virustotal": "https://www.virustotal.com/file/dc9fad06b482934f9b1a0d477773a963e9cf6e2a70db5ba1c2abc30537b3bf29/analysis/1497292459/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/393e16509241cd979fffd32b2f3e7800"
},
{
"date": "06/11/2017 16:05:01",
"source": "deonaea 192.241.x.x",
"name": "2498afb865beca133f262c9b582aa1d2",
"hash": "7044db9131d3c7744003520f4bd1bca4bd43e364ae0efb61c575fa6e682196ef",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "DeepScan:Generic.Sdbot.2252647F",
"virustotal": "https://www.virustotal.com/file/7044db9131d3c7744003520f4bd1bca4bd43e364ae0efb61c575fa6e682196ef/analysis/1497193803/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2498afb865beca133f262c9b582aa1d2"
},
{
"date": "06/11/2017 08:00:01",
"source": "deonaea 192.241.x.x",
"name": "1300a728c1e0bd2e818e5df75908f793",
"hash": "015f5feba8bacde9bb2613c2330b7e7e0682d62502d35248bfb1a0a13f499c7a",
"type": "COM executable for DOS",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/015f5feba8bacde9bb2613c2330b7e7e0682d62502d35248bfb1a0a13f499c7a/analysis/1485151648/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/1300a728c1e0bd2e818e5df75908f793"
},
{
"date": "06/11/2017 06:30:01",
"source": "deonaea 159.203.x.x",
"name": "4d56562a6019c05c592b9681e9ca2737",
"hash": "e441718e331af69579b2699b07c8211aa776c5634e60a570099917b2f8603a29",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Generic.Malware.MW.C5E271EB",
"virustotal": "https://www.virustotal.com/file/e441718e331af69579b2699b07c8211aa776c5634e60a570099917b2f8603a29/analysis/1497153722/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/4d56562a6019c05c592b9681e9ca2737"
},
{
"date": "06/11/2017 02:45:01",
"source": "cowrie 159.203.x.x",
"name": "79433546e1dfd52a82c548e16c0c3f056561b5b2adeb902b920d16146bda17ec",
"hash": "79433546e1dfd52a82c548e16c0c3f056561b5b2adeb902b920d16146bda17ec",
"type": "ASCII text",
"classification": "BV:Downloader-JV [Drp]",
"virustotal": "https://www.virustotal.com/file/79433546e1dfd52a82c548e16c0c3f056561b5b2adeb902b920d16146bda17ec/analysis/1497030029/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/79433546e1dfd52a82c548e16c0c3f056561b5b2adeb902b920d16146bda17ec"
},
{
"date": "06/11/2017 02:45:01",
"source": "cowrie 159.203.x.x",
"name": "63e6b377fdcca1bd987dbbd78b401d97585aa67f900597706535f778ea85d5dd",
"hash": "63e6b377fdcca1bd987dbbd78b401d97585aa67f900597706535f778ea85d5dd",
"type": "ASCII text",
"classification": "BV:Downloader-II [Trj]",
"virustotal": "https://www.virustotal.com/file/63e6b377fdcca1bd987dbbd78b401d97585aa67f900597706535f778ea85d5dd/analysis/1497131113/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/63e6b377fdcca1bd987dbbd78b401d97585aa67f900597706535f778ea85d5dd"
},
{
"date": "06/11/2017 02:45:01",
"source": "cowrie 159.203.x.x",
"name": "543773cb7f8c54ab1b663e5cd87cba2b2624704849481d248dafe3003ab64b7b",
"hash": "543773cb7f8c54ab1b663e5cd87cba2b2624704849481d248dafe3003ab64b7b",
"type": "ASCII text",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/543773cb7f8c54ab1b663e5cd87cba2b2624704849481d248dafe3003ab64b7b/analysis/1497131115/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/543773cb7f8c54ab1b663e5cd87cba2b2624704849481d248dafe3003ab64b7b"
},
{
"date": "06/10/2017 22:50:01",
"source": "deonaea 192.241.x.x",
"name": "08e25d839a668501d8c8024b3144d3b7",
"hash": "bfb411e731300b8a9b3902c59e93075948a09860cca85f3f32deeb1351880407",
"type": "ASCII text, with very long lines, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/bfb411e731300b8a9b3902c59e93075948a09860cca85f3f32deeb1351880407/analysis/1496706117/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/08e25d839a668501d8c8024b3144d3b7"
},
{
"date": "06/10/2017 16:10:01",
"source": "deonaea 192.241.x.x",
"name": "a044fbe60d8393f4a7652d669bc12065",
"hash": "e6b8090a4c6e1f301ac041209aba9376e8bbb0f734a2e2244a84e55852f9bb0a",
"type": "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Dropped:Generic.Malware.dld!!.E51E084D",
"virustotal": "https://www.virustotal.com/file/e6b8090a4c6e1f301ac041209aba9376e8bbb0f734a2e2244a84e55852f9bb0a/analysis/1495975739/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/a044fbe60d8393f4a7652d669bc12065"
},
{
"date": "06/10/2017 16:10:01",
"source": "deonaea 192.241.x.x",
"name": "6c89df7d6d364c792599d4ff2499aeac",
"hash": "340740138a67feec6ae91493dcd3c29940ec245dce0717f58e9b2542ac37c094",
"type": "PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/340740138a67feec6ae91493dcd3c29940ec245dce0717f58e9b2542ac37c094/analysis/1493197769/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/6c89df7d6d364c792599d4ff2499aeac"
},
{
"date": "06/10/2017 14:40:01",
"source": "deonaea 159.203.x.x",
"name": "08a94e9607ca627dcec8a064b5d477ea",
"hash": "9e312a5804db1e2b0735dfe24eab286118df606bef521008c84b900320c36d71",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/9e312a5804db1e2b0735dfe24eab286118df606bef521008c84b900320c36d71/analysis/1496640582/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/08a94e9607ca627dcec8a064b5d477ea"
},
{
"date": "06/10/2017 14:40:01",
"source": "deonaea 159.203.x.x",
"name": "049a069b30324dec48c5b3fe10d4b903",
"hash": "f31ab20ff832a6507244ff4f84063bef590b7d647f415a338558f7c119af03d5",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/f31ab20ff832a6507244ff4f84063bef590b7d647f415a338558f7c119af03d5/analysis/1497092380/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/049a069b30324dec48c5b3fe10d4b903"
},
{
"date": "06/10/2017 13:45:01",
"source": "deonaea 192.241.x.x",
"name": "baec34bbc72c544e5953da4ac1d6dde4",
"hash": "4b3ad0c035065d1f5631e51113ae08a03c8451a760bc07ac8c852571219719be",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32:Evo-gen [Susp]",
"virustotal": "https://www.virustotal.com/file/4b3ad0c035065d1f5631e51113ae08a03c8451a760bc07ac8c852571219719be/analysis/1497103242/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/baec34bbc72c544e5953da4ac1d6dde4"
},
{
"date": "06/10/2017 10:25:01",
"source": "deonaea 192.241.x.x",
"name": "7782f67481c934b23b15edd5e15067cb",
"hash": "9f654c917cd50cd576ca317378845e3fe10fdae1ab5fd1182d6a2c57c6e29533",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/9f654c917cd50cd576ca317378845e3fe10fdae1ab5fd1182d6a2c57c6e29533/analysis/1497024721/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7782f67481c934b23b15edd5e15067cb"
},
{
"date": "06/09/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "7985de509fb7e9bcfb1d099760c6bcf5765f4eb876050f5e47998cb28f2b9d99",
"hash": "7985de509fb7e9bcfb1d099760c6bcf5765f4eb876050f5e47998cb28f2b9d99",
"type": "gzip compressed data, last modified: Thu Jun 8 16:36:30 2017, from Unix",
"classification": "Backdoor.Perl.Shellbot.B",
"virustotal": "https://www.virustotal.com/file/7985de509fb7e9bcfb1d099760c6bcf5765f4eb876050f5e47998cb28f2b9d99/analysis/1496946248/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7985de509fb7e9bcfb1d099760c6bcf5765f4eb876050f5e47998cb28f2b9d99"
},
{
"date": "06/09/2017 23:05:01",
"source": "cowrie 159.203.x.x",
"name": "734f36d901572f218b890e13dd04a7ad1d97fb7031558a331fedc572d3443fa5",
"hash": "734f36d901572f218b890e13dd04a7ad1d97fb7031558a331fedc572d3443fa5",
"type": "C++ source, ASCII text",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/734f36d901572f218b890e13dd04a7ad1d97fb7031558a331fedc572d3443fa5/analysis/1496876357/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/734f36d901572f218b890e13dd04a7ad1d97fb7031558a331fedc572d3443fa5"
},
{
"date": "06/09/2017 21:55:01",
"source": "deonaea 192.241.x.x",
"name": "fc9b0b8b711e44ce0d4f91b0cedb1c76",
"hash": "b1912fe759ce5a90de1e18e62b39e416ed4fde549ae0b10bee4173f4bbb09c36",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Heur.RI.1",
"virustotal": "https://www.virustotal.com/file/b1912fe759ce5a90de1e18e62b39e416ed4fde549ae0b10bee4173f4bbb09c36/analysis/1496901348/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/fc9b0b8b711e44ce0d4f91b0cedb1c76"
},
{
"date": "06/08/2017 23:40:01",
"source": "deonaea 159.203.x.x",
"name": "7db96a93f168fd905674d2631deb7c29",
"hash": "25baf58a32eab5e3f6af709269a5d9c347949b29a021c62fb58f3add58cedc6b",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/25baf58a32eab5e3f6af709269a5d9c347949b29a021c62fb58f3add58cedc6b/analysis/1496955788/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7db96a93f168fd905674d2631deb7c29"
},
{
"date": "06/08/2017 23:40:01",
"source": "deonaea 159.203.x.x",
"name": "5cbb19165bfdb63d43d1552fa49f9716",
"hash": "1e4d101e496b0bb29fff1efe71066c3de3cc0b30dbf997893a57b46d3d68b6ac",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.Mulinex.7CFDBB45",
"virustotal": "https://www.virustotal.com/file/1e4d101e496b0bb29fff1efe71066c3de3cc0b30dbf997893a57b46d3d68b6ac/analysis/1496957406/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/5cbb19165bfdb63d43d1552fa49f9716"
},
{
"date": "06/08/2017 23:40:01",
"source": "deonaea 159.203.x.x",
"name": "516a3d28ffad8964d3dbcd8f382b2fa9",
"hash": "6e6c0873c5f878ea9bbfc7606f09421d46001ba7f425ff3452dc4985da0f9f82",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Parite.B",
"virustotal": "https://www.virustotal.com/file/6e6c0873c5f878ea9bbfc7606f09421d46001ba7f425ff3452dc4985da0f9f82/analysis/1496955751/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/516a3d28ffad8964d3dbcd8f382b2fa9"
},
{
"date": "06/08/2017 22:50:01",
"source": "cowrie 159.203.x.x",
"name": "8c3a8e383e5b37be8e1e150693524d20feae0b34677597ac927f7146c19c3039",
"hash": "8c3a8e383e5b37be8e1e150693524d20feae0b34677597ac927f7146c19c3039",
"type": "Bourne-Again shell script, ASCII text executable, with CRLF line terminators",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/8c3a8e383e5b37be8e1e150693524d20feae0b34677597ac927f7146c19c3039/analysis/1496961006/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8c3a8e383e5b37be8e1e150693524d20feae0b34677597ac927f7146c19c3039"
},
{
"date": "06/08/2017 21:50:01",
"source": "cowrie 159.203.x.x",
"name": "27ab26b3062f1b7070042e30afd7cd1659bc5b78139af16f759490307742f6b5",
"hash": "27ab26b3062f1b7070042e30afd7cd1659bc5b78139af16f759490307742f6b5",
"type": "Python script, ASCII text executable, with CRLF line terminators",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/27ab26b3062f1b7070042e30afd7cd1659bc5b78139af16f759490307742f6b5/analysis/1493377824/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/27ab26b3062f1b7070042e30afd7cd1659bc5b78139af16f759490307742f6b5"
},
{
"date": "06/08/2017 20:45:01",
"source": "deonaea 192.241.x.x",
"name": "36a066845cbb430e7a7deadd5aac2f06",
"hash": "33e6b54aa0c606a2ed24986a02867a345be577a7e45e15bcff52165a0de71870",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Graftor.316795",
"virustotal": "https://www.virustotal.com/file/33e6b54aa0c606a2ed24986a02867a345be577a7e45e15bcff52165a0de71870/analysis/1496953170/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/36a066845cbb430e7a7deadd5aac2f06"
},
{
"date": "06/08/2017 20:40:01",
"source": "cowrie 159.203.x.x",
"name": "86fbdd7df9486a17e9c408c7e50635e26402fdf297c9e97f1a5256100401dcc5",
"hash": "86fbdd7df9486a17e9c408c7e50635e26402fdf297c9e97f1a5256100401dcc5",
"type": "ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped",
"classification": "Linux.Trojan.Agent.A",
"virustotal": "https://www.virustotal.com/file/86fbdd7df9486a17e9c408c7e50635e26402fdf297c9e97f1a5256100401dcc5/analysis/1495023524/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/86fbdd7df9486a17e9c408c7e50635e26402fdf297c9e97f1a5256100401dcc5"
},
{
"date": "06/08/2017 20:40:01",
"source": "cowrie 159.203.x.x",
"name": "0ffa9e646e881568c1f65055917547b04d89a8a2150af45faa66beb2733e7427",
"hash": "0ffa9e646e881568c1f65055917547b04d89a8a2150af45faa66beb2733e7427",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped",
"classification": "Linux.Trojan.Agent.A",
"virustotal": "https://www.virustotal.com/file/0ffa9e646e881568c1f65055917547b04d89a8a2150af45faa66beb2733e7427/analysis/1494975236/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0ffa9e646e881568c1f65055917547b04d89a8a2150af45faa66beb2733e7427"
},
{
"date": "06/08/2017 19:40:01",
"source": "deonaea 159.203.x.x",
"name": "f983e21c9cf1fbba6e12da9cb92561d4",
"hash": "984050713ad29b2d8dcca0b9dfdee82d41bee59648d3ad4837bd399355481f06",
"type": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped",
"classification": "Trojan.Agent.Linux.A",
"virustotal": "https://www.virustotal.com/file/984050713ad29b2d8dcca0b9dfdee82d41bee59648d3ad4837bd399355481f06/analysis/1496922558/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/f983e21c9cf1fbba6e12da9cb92561d4"
},
{
"date": "06/08/2017 18:35:01",
"source": "deonaea 159.203.x.x",
"name": "64b3efd44dd4b0c477ddbbde4e64d0c6",
"hash": "dbc5b730e098253b1a8b435ea8c33e1bf887fd8d6a9bf68da3f15e720b13f899",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/dbc5b730e098253b1a8b435ea8c33e1bf887fd8d6a9bf68da3f15e720b13f899/analysis/1496884595/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/64b3efd44dd4b0c477ddbbde4e64d0c6"
},
{
"date": "06/08/2017 08:05:01",
"source": "deonaea 159.203.x.x",
"name": "72bb10e6bc89abba6b92d8026bbdf681",
"hash": "86798e6b7a8168e80bb276180f5cc6ccc21aa74c0b0af8fe2abfc053aab7555c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/86798e6b7a8168e80bb276180f5cc6ccc21aa74c0b0af8fe2abfc053aab7555c/analysis/1496908637/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/72bb10e6bc89abba6b92d8026bbdf681"
},
{
"date": "06/08/2017 00:15:01",
"source": "cowrie 159.203.x.x",
"name": "e47f7271638dc2830ddde5203bd092ba1bbf1b7a408bd5e0ab7602b421956688",
"hash": "e47f7271638dc2830ddde5203bd092ba1bbf1b7a408bd5e0ab7602b421956688",
"type": "Bourne-Again shell script, ASCII text executable",
"classification": "HEUR:Trojan-Downloader.Shell.Agent.p",
"virustotal": "https://www.virustotal.com/file/e47f7271638dc2830ddde5203bd092ba1bbf1b7a408bd5e0ab7602b421956688/analysis/1496362129/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/e47f7271638dc2830ddde5203bd092ba1bbf1b7a408bd5e0ab7602b421956688"
},
{
"date": "06/07/2017 18:30:01",
"source": "deonaea 159.203.x.x",
"name": "2937577db5cf9804c86bd8e5d1ca0f1e",
"hash": "b351f7bf82243434071c478c357e8e57402cf222eb2136ea92f707b5fecb28bd",
"type": "MS-DOS executable, MZ for MS-DOS",
"classification": "Win32:Agent-AXZD [Trj]",
"virustotal": "https://www.virustotal.com/file/cf9f73c532a66010db6f76a171f917d2516ac81fe314f9da2ee38ae6eefe30d2/analysis/1496941205/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/2937577db5cf9804c86bd8e5d1ca0f1e"
},
{
"date": "06/07/2017 17:35:01",
"source": "deonaea 192.241.x.x",
"name": "61cc9a8fa701750cd9987390fef8ee28",
"hash": "09848376a3670fef9ce48592fb5cb1229faa523dcadfff3a3449fb11fdbffab2",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56/analysis/1496826010/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/61cc9a8fa701750cd9987390fef8ee28"
},
{
"date": "06/07/2017 17:35:01",
"source": "deonaea 192.241.x.x",
"name": "173abbd8666357d66ad291fe6060adb4",
"hash": "16a89d31496b19420d36ded0bbfc49c079e5f01592d82413cd5a98b505e9f258",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56/analysis/1496826010/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/173abbd8666357d66ad291fe6060adb4"
},
{
"date": "06/07/2017 15:30:01",
"source": "deonaea 192.241.x.x",
"name": "9e0879c7c2cc632dae31ef5b66099ec6",
"hash": "7e313ad62e2bac7a07d176dd7996468246780d44492dececd3413cfd98700604",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56/analysis/1496826010/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/9e0879c7c2cc632dae31ef5b66099ec6"
},
{
"date": "06/07/2017 13:05:01",
"source": "deonaea 159.203.x.x",
"name": "7867de13bf22a7f3e3559044053e33e7",
"hash": "a29d02251f54567edb1d32f7c17ce4c04d5c54e317eb3b2bea2a068da728e59a",
"type": "MS-DOS executable, MZ for MS-DOS",
"classification": "Trojan.GenericKD.4484531",
"virustotal": "https://www.virustotal.com/file/a29d02251f54567edb1d32f7c17ce4c04d5c54e317eb3b2bea2a068da728e59a/analysis/1496808278/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7867de13bf22a7f3e3559044053e33e7"
},
{
"date": "06/07/2017 10:25:01",
"source": "deonaea 159.203.x.x",
"name": "7e74627dcb8707c41c7f44c0d5106aec",
"hash": "19b8ed91979f27d6ecb5b2f32bd78c64bea10c944093257730b7ddfab1de3ba1",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/19b8ed91979f27d6ecb5b2f32bd78c64bea10c944093257730b7ddfab1de3ba1/analysis/1495983231/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/7e74627dcb8707c41c7f44c0d5106aec"
},
{
"date": "06/07/2017 10:05:01",
"source": "deonaea 159.203.x.x",
"name": "0afa86234c4d4f54e4c96d08005ed1e8",
"hash": "04b7c8ae7381f2c476e91a62732ae06b4c1e42b1de00fdf156e0c21c98aa8f95",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65622",
"virustotal": "https://www.virustotal.com/file/04b7c8ae7381f2c476e91a62732ae06b4c1e42b1de00fdf156e0c21c98aa8f95/analysis/1495983169/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/0afa86234c4d4f54e4c96d08005ed1e8"
},
{
"date": "06/07/2017 08:45:01",
"source": "cowrie 159.203.x.x",
"name": "cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56",
"hash": "cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56",
"type": "Python script, ASCII text executable",
"classification": "Win32:Agent-AXZD [Trj]",
"virustotal": "https://www.virustotal.com/file/cf9f73c532a66010db6f76a171f917d2516ac81fe314f9da2ee38ae6eefe30d2/analysis/1496941205/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56"
},
{
"date": "06/07/2017 06:30:01",
"source": "deonaea 192.241.x.x",
"name": "cae8a8524eeb0e7de1fb3704bd14b7ba",
"hash": "4aba709067c2cca66002497ed46630bc1995e5371bc07f6f2183b2ef389ea0c7",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed",
"classification": "Win32.Ramnit",
"virustotal": "https://www.virustotal.com/file/4aba709067c2cca66002497ed46630bc1995e5371bc07f6f2183b2ef389ea0c7/analysis/1496804757/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/cae8a8524eeb0e7de1fb3704bd14b7ba"
},
{
"date": "06/07/2017 05:35:01",
"source": "deonaea 159.203.x.x",
"name": "eb18a7d302bbc8c0b3ed2cd1612e8d59",
"hash": "debb005a26a20b20cac92a2180d0e114dcd11663bcaf4abcf87e08ed55b940d4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Symmi.65622",
"virustotal": "https://www.virustotal.com/file/debb005a26a20b20cac92a2180d0e114dcd11663bcaf4abcf87e08ed55b940d4/analysis/1496637631/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/eb18a7d302bbc8c0b3ed2cd1612e8d59"
},
{
"date": "06/06/2017 21:05:01",
"source": "cowrie 159.203.x.x",
"name": "c647303506d29a949443a81841afc7878f45e50e225e7747d845c305e9dc0329",
"hash": "c647303506d29a949443a81841afc7878f45e50e225e7747d845c305e9dc0329",
"type": "Zip archive data, at least v1.0 to extract",
"classification": "Backdoor.Perl.Shellbot.B",
"virustotal": "https://www.virustotal.com/file/c647303506d29a949443a81841afc7878f45e50e225e7747d845c305e9dc0329/analysis/1496782808/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/c647303506d29a949443a81841afc7878f45e50e225e7747d845c305e9dc0329"
},
{
"date": "06/06/2017 21:00:01",
"source": "deonaea 192.241.x.x",
"name": "21fdfd8dd9ca4f10497ddf24b97cbfcd",
"hash": "a9f5aedaeeb97934a16a4188b9f9c3947a06245a11bd20334072786463f2e2b8",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Win32.Virtob.Gen.12",
"virustotal": "https://www.virustotal.com/file/a9f5aedaeeb97934a16a4188b9f9c3947a06245a11bd20334072786463f2e2b8/analysis/1496379539/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/21fdfd8dd9ca4f10497ddf24b97cbfcd"
},
{
"date": "06/06/2017 20:55:01",
"source": "deonaea 192.241.x.x",
"name": "16fc8229b6341c4e643f2f35ba0313c8",
"hash": "f7d79b03d271bf9118e430c5c0f312cf4451b7bc568da18a14e295818204ddb4",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "nondeterministic",
"virustotal": "https://www.virustotal.com/file/cf2e13d7d6bb7dbc26130727b5a6cf2c8df72a7b7fcd27f36671ce0debcecd56/analysis/1496826010/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/16fc8229b6341c4e643f2f35ba0313c8"
},
{
"date": "06/06/2017 17:27:34",
"source": "deonaea 192.241.x.x",
"name": "705c585d669f8a75bbbb12dec4a751bd",
"hash": "5762bd50eaa204b43cd2b5e87adf087613605f0af8511cf5206e65cf486e814d",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Generic.Mulinex.1C888333",
"virustotal": "https://www.virustotal.com/file/5762bd50eaa204b43cd2b5e87adf087613605f0af8511cf5206e65cf486e814d/analysis/1496490546/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/705c585d669f8a75bbbb12dec4a751bd"
},
{
"date": "06/06/2017 04:15:01",
"source": "deonaea 159.203.x.x",
"name": "8e40ad1ced365a25ff67e4fa71cdeb31",
"hash": "3be03f5d855a156296ce7d4a72736f89df497d29cee4873d82346f3b9550fe5c",
"type": "PE32 executable (GUI) Intel 80386, for MS Windows",
"classification": "Gen:Variant.Mikey.59774",
"virustotal": "https://www.virustotal.com/file/3be03f5d855a156296ce7d4a72736f89df497d29cee4873d82346f3b9550fe5c/analysis/1496629072/" ,
"sample": "https://github.com/ring0x0/honeydrops/tree/master/8e40ad1ced365a25ff67e4fa71cdeb31"
}
]