MD5 Hash File type Added Source Yara
29e3ecd80faf6a015b05ed122d5e4945 PE32 2018-02-20 14:11:32http://myportal.fud.edu.ng/images/inc.jpg CuckooSandbox/vmdetect | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | ...
831459fcc8c3d7f27d58b21417b82197 PE32 2018-02-20 14:11:06http://archive.fud.edu.ng/themes/engines/inc.jpg CuckooSandbox/vmdetect | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | ...
09f1305bf6446675becbce188eaa23b7 PE32 2018-01-30 13:39:42http://abuchi.ru/maine.exe CuckooSandbox/vmdetect | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | ...
1e5a88fc919f1dde5ce8c69cac45dc94 PE32 2018-01-30 11:32:02http://wesleymedsupply.com/Geek/Test.exe CuckooSandbox/vmdetect | YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | ...
fb15c826c7939f81fa1eb184c985ee07 HTML 2018-01-14 17:49:23http://upperlensmagazine.com/tOldHSYW CuckooSandbox/vmdetect | YRP/domain | YRP/url | YRP/contentis_base64 | YRP/VMWare_Detection | ...
f57e87d6501a9e54ab702ab3bcb25af6 HTML 2018-01-14 06:08:44http://upperlensmagazine.com/tOldHSYW CuckooSandbox/vmdetect | YRP/powershell | YRP/domain | YRP/IP | YRP/url | ...
90fd6c541df2dfecbc52bbd0d1700d1b HTML 2018-01-12 05:39:49http://upperlensmagazine.com/tOldHSYW CuckooSandbox/vmdetect | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | ...
e3ef5004b1fd00e24f90cfbfc2ecd1a9 HTML 2018-01-09 03:27:46http://upperlensmagazine.com/tOldHSYW CuckooSandbox/vmdetect | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | ...
8d8a1f19faf160a36a3167ffe7a2dbee PE32 2017-12-05 00:45:25http://letstrytomoney.000webhostapp.com/2.data CuckooSandbox/vmdetect | YRP/possible_includes_base64_packed_functions | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | ...
b7c418c941c17c41be7a3b1a560019ad PE32 2017-12-04 02:20:15http://translink.lk/images/31.exe CuckooSandbox/vmdetect |
7279cd963b7b206fadfa49fca3b7f57a PE32 2017-11-15 13:21:07http://38.130.218.117/tme.gif CuckooSandbox/vmdetect | YRP/possible_includes_base64_packed_functions | YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | ...
ad75aa67ed2a0092901c74856ccf26d8 PE32 2017-11-11 03:41:32http://134.0.117.224/exe/1000.exe CuckooSandbox/vmdetect | YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | ...
82a602c8f6c804f5f390ee094564bd7b PE32 2017-11-01 12:45:19http://vrvid.ru/rat.exe CuckooSandbox/vmdetect | YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | ...
01fd4ca272bc932836a5d4df0e75fccc PE32 2017-10-28 00:45:55http://warfalamey.ru/winhost.exe CuckooSandbox/vmdetect | YRP/suspicious_packer_section | YRP/VirtualPC_Detection | YRP/contentis_base64 | YRP/domain | ...
3fab4f385dceb08f10683bd847009a0f PE32 2017-10-07 14:02:30http://38.130.218.117/suk.gif CuckooSandbox/vmdetect | YRP/suspicious_packer_section | YRP/maldoc_find_kernel32_base_method_1 | YRP/VMWare_Detection | YRP/Qemu_Detection | ...