WEBSHELL_NeoReGeorg_Mar22_1

Rule Info

Name: WEBSHELL_NeoReGeorg_Mar22_1
Description: Detects Neo-reGeorg webshell
Date: 2022-03-17
Score: 85
Tags: ['WEBSHELL', 'T1100']
Minimum Yara: 1.7
Author: Florian Roth
Av Ratio: 12.74
Rule Hash: 79aedddac05febc32a857817db70ef3c
Required Modules: []

Antivirus Verdicts

Rating: Number of Samples
Malicious (>= 10 engines): 25
Suspicious (< 10 engines): 39
Clean (0 engines): 0

Rule Matches


Rule Matches per Month (last 24 months)