On this page... (hide)
Introduction
One of the sources for gathering malicious binaries is the usage of honeypot technology. This report lists the daily binary captures and the sources.
Fields
| Field | Description |
| md5 | MD5 hash of the downloaded binary |
| url | URL where the binary was downloaded from |
| url_asn | ASN location of the URL's IP |
| url_geo | Country of the URL's location |
Sample
"md5hash","url","url_asn","url_geo" "02e26297111a9850cce01e5bd03cfa45","ftp://1:1@67.207.232.254:54267/wingate32.exe",8025,"US" "14a09a48ad23fe0ea5a180bee8cb750a","ftp://1:1@88.165.70.3:43174/ssms.exe",12322,"FR" "14a09a48ad23fe0ea5a180bee8cb750a","ftp://1:1@88.171.15.7:53091/ssms.exe",12322,"FR" "14a09a48ad23fe0ea5a180bee8cb750a","tftp://85.179.111.223/ssms.exe",13184,"DE" "14a09a48ad23fe0ea5a180bee8cb750a","tftp://85.179.111.223:69/ssms.exe",13184,"DE" "14a09a48ad23fe0ea5a180bee8cb750a","tftp://85.244.0.251:69/ssms.exe",3243,"PT" "14a09a48ad23fe0ea5a180bee8cb750a","tftp://91.123.212.10/ssms.exe",42935,"PL" "14a09a48ad23fe0ea5a180bee8cb750a","tftp://91.43.200.61:69/ssms.exe",3320,"DE" "1a06582a3959f2730fada856772b4761","tftp://89.253.157.50:69/ssms.exe",20891,"BG" "1cc34fb692d9c0dd5612c354202c5b53","http://95.28.184.171:6725/x.exe",8402,"UK" "1d419d615dbe5a238bbaa569b3829a23","ftp://88.220.157.161:1535/ssms.exe",20804,"PL" "1d419d615dbe5a238bbaa569b3829a23","tftp://64.1.77.229/ssms.exe",14359,"US"
<< | Reports | >>
