MalShare

Recently added Samples

SHA256 Hash	File type	Added	Source	Yara Hits
52efc86a158e54f4312fbadea1854661e018ae92b561e8af3bee915a187bdf4a	PE32	2025-12-15 20:15:58 UTC	User Submission	YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/contentis_base64 [+] YRP/domain YRP/url YRP/nullsoft_streaming_video YRP/excel_XML YRP/gem YRP/x3d YRP/WMI_strings YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Http_API YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature
9d170434ce5e71b4fc70d70070135b993cbadfde7d2c4136c4f224f7b0bc3238	PE32	2025-12-15 20:15:23 UTC	User Submission	YRP/IP YRP/contentis_base64 YRP/domain [+] YRP/url YRP/excel_XML YRP/pgml YRP/wmf YRP/amf YRP/xaml YRP/x3d YRP/_3dxml YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI FlorianRoth/DragonFly_APT_Sep17_3
fdd27c9085d26e237b7946b93fc48ffe84494eeee9678e7479027f87e845e527	PE32	2025-12-15 20:14:59 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/suspicious_packer_section [+] YRP/PeCompact_v208_Bitsum_Technologiessignature_by_loveboom YRP/PECompact_2x_Jeremy_Collake YRP/PECompact_20x_Heuristic_Mode_Jeremy_Collake YRP/PECompact_2xx_BitSum_Technologies YRP/PECompact_v2xx YRP/PECompact_V2X_Bitsum_Technologies_additional YRP/PECompact_V2X_Bitsum_Technologies YRP/PECompact_v20_additional YRP/PeCompact_2xx_BitSum_Technologies YRP/PeCompact_253_DLL_BitSum_Technologies_additional YRP/PECompact_v20 YRP/PeCompact_253_DLL_BitSum_Technologies YRP/PECompact_v2xx_additional YRP/PECompactV2XBitsumTechnologies YRP/PECompact2xxBitSumTechnologies YRP/PECompactv2xx YRP/pecompact2 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature FlorianRoth/DragonFly_APT_Sep17_3
9a2e1acb6cce59369e0c6ad530b00ffd65eb4183f3ecdeeb724ed8da43bdbb30	PE32	2025-12-15 20:14:24 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/ai_compressed [+] YRP/prc YRP/screenshot YRP/win_registry YRP/win_hook YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/HasRichSignature
1f341b0c83385d048421dff996ae4c9aa46958b2975d4887e6a80ef93226b7d4	PE32	2025-12-15 20:14:13 UTC	User Submission	YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 [+] YRP/contentis_base64 YRP/domain YRP/Misc_Suspicious_Strings YRP/network_http YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature FlorianRoth/DragonFly_APT_Sep17_3
da6f727209e7771567adb2db80ab00328889af69d4f503fa9c3a4360b3bbabd8	PE32	2025-12-15 20:13:51 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/keylogger [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay
55f99f6fea93b17d44d93db9f2b338482bff305820f8179d9b9c5567b71e04f2	data	2025-12-15 20:13:39 UTC	User Submission	CuckooSandbox/vmdetect
94fa5c4146b4cee3827680fcc3a26bc453065a05a06ccdef299407869f8dcba7	PE32	2025-12-15 20:13:27 UTC	User Submission	YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 [+] YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/TEAN YRP/IP YRP/contentis_base64 YRP/domain YRP/url YRP/excel_XML YRP/gem YRP/pgml YRP/amf YRP/prc YRP/x3d YRP/_3dxml YRP/WMI_strings YRP/anti_dbg YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature
a9917ab2d6e3121f61ff5e058b7dc1832724e5d11fb5305b14a3cda3ac17b524	PE32	2025-12-15 20:13:03 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/gem [+] YRP/wmf YRP/SEH__vba YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature
868c5145c3110338586c8dd231793826b65ca540824529b64a731d413193ba4a	PE32	2025-12-15 20:12:51 UTC	User Submission	YRP/CRC32_poly_Constant YRP/CRC32_table YRP/contentis_base64 [+] YRP/domain YRP/url YRP/excel_2007 YRP/corel_draw_compressed YRP/gem YRP/odg YRP/_3dxml_compressed YRP/anti_dbg YRP/win_files_operation YRP/Str_Win32_Http_API YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature