2022-07-25 T08:36 GMT+8 rebeyond在GitHub上更新了冰蝎4.0。
新增多个特性,包括无文件内存马,经验证,SHELLPUB可完整检测冰蝎4.0。
关于“冰蝎”
检测
内存马专杀工具检测
OneEDR检测
相关样本
sha256 | md5 | 描述 |
6efd0920eda270d01dab8de9060ee847e875ed3fe3627c6ec775efacbba2ae72 | 638b15cba12dc170d13a91ad4b5e4156 | Behinder.jar |
5e9f6acdaf21f2f93fceaa18996a58ca34b518b75b61156d19ff24c37ded2191 | 3ea302b24aca8cd97b3bcd1276c44ca3 | json jsp |
988596eb5a7f19a2343032c61de3a38632dbc2682ab7e314125cdd1e9533ef50 | ad389fc59a29d66e5f44a9354171539f | xor php |
92368c08ec09b80eb4af6a1ffb7973071ca1d393257f15e99efe1de40aa59c2d | 65d87bc16518a4e33e868cb5a0555ffa | xor asp |
8c655466bf2b340db8166f50b61c233b5e39011dd039d450db2bb368c9e0b48a | d041c0181b76c7da83591e07449cac75 | xor aspx |
e87ec0d15c550a7db4b5bcaa6cb8c63c5e8207937a16867e6e8150ddc5d40db7 | 7c27754711d1f67c94d3cdbc6be9c3d8 | xor jsp |
988596eb5a7f19a2343032c61de3a38632dbc2682ab7e314125cdd1e9533ef50 | ad389fc59a29d66e5f44a9354171539f | xor base64 php |
ce8407de5c86bcc249d0e89c407ece6233c52d4eeed520ff54db6f9bde00eda8 | be8aaa55fc45296d40bf332ba762d80c | xor base64 jsp |
af7117c285d449dfcbd5cdd99678dfb9b3807dc183565ac7ed7d6636d4bf15a7 | af2687a7d19f0ee52b8f49a475ab8fd0 | aes php |
210da359b6447889dcdbe205b118e2565e88002016b61b01ac26169232634215 | 68772cf43532803b28d2aceefa61398d | aes aspx |
788f6be941d57d3fbe997821d3e021f14a4abc503f8f20454dcc7813c2183b6b | bb96d88d130943e0a1e708ac13df4358 | aes jsp |
9d773f5cbe81e8ceddf90e57814559cea3ae6fcae527635cb5aaa21acf1fcc4d | a52e26d8c3286c6005befb60cf2ab63c | image jsp |
参考链接
https://www.aqniu.com/vendor/73751.html
https://github.com/rebeyond/Behinder
联系我们
QQ交流群:971146821
点击下方名片,关注我们
如果不想错过消息,可以星标
点击“阅读原文”,立即体验河马在线查杀
↙↙↙
如有侵权请联系:admin#unsafe.sh