WEBSHELL_ASPX_MamadWarning_Jul20_1

Rule Info

Av Ratio
12.27
Minimum Yara
1.7
Date
2020-07-28
Name
WEBSHELL_ASPX_MamadWarning_Jul20_1
Author
Florian Roth
Required Modules
[]
Rule Hash
6a6ba0fdebd650d7fc118c28a5ccbb19
Tags
['WEBSHELL', 'T1100', 'T1136']
Score
90
Description
Detects Mamad Warning ASPX web shell

Antivirus Verdicts

Rating
Number of Samples
Malicious (>= 10 engines)
7
Suspicious (< 10 engines)
22
Clean (0 engines)
6

Rule Matches

Positives
Total
Hash
Timestamp
VT
14
61
cff0e1b4781e883eca8d203d71f62da976795e29482b70821ee2d5dda1b1c74b
2020-11-21 05:46:23
0
62
026cfbcec9024f0b77034adaf8bfdcde0eed8cf647303421f24769db56311138
2020-11-19 12:36:23
1
59
d3258265a1c28920f771ee79abffec122853c92e9bba3be044059aaaff8fed79
2020-11-19 12:35:17
0
62
655367d73e0658ff5f8ed1188e07fcd0fbf199b48b3e8c767e33e2df1b981163
2020-11-19 12:34:54
4
57
1dce3ecced1845f1644e5cd38b0c951956b92d9eac3610c6b6b0c111b1c6195d
2020-11-19 12:32:33
0
62
139f1fb8e07091b8130a52ae1c4be34b982439b12cf7609a0d2925b2aec359a9
2020-11-19 12:30:22
4
62
7678c1ef858619d12fba50ae23fca9587ecdfe928a7d799e729eb68636e410e5
2020-11-19 12:29:40
0
61
76af326e95c9eb55a94eaa3ce4b395e66d061fa424a43a697e39208a6e61a6ad
2020-11-19 12:28:46
0
62
8e7170955858ea4af91b7359b80dfb3a08d52903b2677be6fb5085666c4de504
2020-11-19 12:28:21
4
62
ecab3f49dfb2d2bbd5d83eef4bbb0475c35df7018669ecd2f5fa87ab98862d06
2020-11-19 12:27:47
4
62
89c8d8167dcb285dec73a2bb071060683ad8125385e29c5a2fbcef7dafd36eec
2020-11-19 12:26:57
4
59
79a2e555dc03eb9efa0e13360dba99964753300c2a3278b4d87fca8ffb6c8627
2020-11-19 12:24:58
4
62
c509869562c41c1bb1de7a695e6b1818ff68dff89c7aba1b65e12d1e2d50f23c
2020-11-19 12:23:45
4
62
7dde20160b13e1c60d8f19397a7310397402e2b1ad6719d6652bdf037d9baf0f
2020-11-19 12:23:11
5
62
25f4bb2acc3e573ced88fafb5d684dd63cf6c5a12779de5f43c8fa49af37e624
2020-11-17 12:50:51
3
61
9d3676e0bff9752af86e03b25f15012fad2322228d7e46666e8ed517938d52fe
2020-11-08 09:28:05
3
61
ba3d41a719d2b2a117f30c4a333b738b3db1dbc767e0b607663aef2c3a4214d2
2020-11-08 09:22:33
5
61
988a0de4149fe6288d30ec6682e1b71f265567fdb839ff4911fd4709de88dc77
2020-11-07 19:11:28
4
62
d8782884c9b01128b27e4012c8ed755a7ec7d24f44a59e5330c322b2ae87628b
2020-10-31 10:16:09
39
58
abb3ddc945d147a4ed435b71490764bc4a2860f4ad264052f407357911bd6746
2020-10-07 15:14:41
0
59
642b83878afd2e725431c898790ce0a9d6dd451354effe3628f56d9a63805280
2020-10-04 14:49:57
34
58
af1c00696243f8b062a53dad9fb8b773fa1f0395631ffe6c7decc42c47eedee7
2020-09-24 12:51:44
6
57
6ab2d4254e151a1bd6993c9845d5527a02b79a4fc16b1e21c4ce355bda6596dc
2020-09-16 18:31:58
16
57
383efc418ddf83f24c3d29f1d925e6dc400074048ce3e823feb04abf853bbfcc
2020-09-16 10:30:07
6
57
63d94bcbb7931642afd8b43f61ecad1498d4ed7cf49e8b5dbb7e8dbc192debb6
2020-09-15 15:39:40
8
57
d022678be7c007b6a9d45771ab12b20e4ab7bec57ee90be8797c0af93b46657b
2020-09-12 16:58:10
7
57
7fb372c27cff4e3b5aa88cede83c1e6d5ff265762d506396ce217e9b19ec82c1
2020-09-12 16:56:03
5
54
b831bc7a7625f00ff1244adea2ec39b6fc3263a1069363a2663dfcd836e8d30e
2020-09-12 16:27:15
5
56
911f0a9467bef471e53f8abc1a09ed0b5eabf1667eea9616a9c60f81ae0a60cd
2020-09-11 13:16:01
12
56
593fe67a77712e69e1ed971686baf05b4bd4c990fca5eee0f04ed0bff7bef380
2020-09-08 11:17:25
17
58
a6a4be7cc3fa7e9478a740e283ff454a414c6773aa944689c6d76699eeeefbaa
2020-09-03 05:24:30
8
58
5fa806074bb6b1efb2f32d0761e5c54d8ba2efb0d7b97237b492a4bec037ef1c
2020-09-03 05:24:20
7
54
e3387f7ba084f94b74eac6e1bedf041dd0aa0d6f5cb9ec42412f9249e62f7658
2020-08-22 11:05:39
11
58
c63058e46cbd20e2a60f3177d65052f642addd2240e2dbbb7f18b7c535ea7326
2020-08-14 17:29:13
6
59
653df45b5f1e3b16f8ee579a6daa8015067087ae25258731aa2208b7a3868041
2020-08-10 17:04:22

Rule Matches per Month (last 24 months)