MalShare

A free Malware repository providing researchers access to samples, malicious feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
5f3441016a0cbecb8b331586082ac6a8	PE32	2020-04-06 03:26:40 UTC	Zemana Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/IsBeyondImageSize YRP/domain YRP/IP YRP/url YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
61201fe9992dae48b0605eb2e4deb770	PE32	2020-04-06 03:26:36 UTC	Zemana Submission
7dffd0c312452858da6fa44b9d5535d5	PE32	2020-04-06 03:26:04 UTC	Zemana Submission
aeaee72830dcb100dbdf3d4a1cdad05f	PE32	2020-04-06 03:25:32 UTC	Zemana Submission	YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
82a57f755a22803fdde263f7f3dafb3b	PE32+	2020-04-06 03:25:26 UTC	Zemana Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
faa6797b0941a9b593e252def57043b9	PE32	2020-04-06 03:25:24 UTC	Zemana Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/TEAN
af7029afc846c5a60c540378067cbe34	PE32	2020-04-06 03:25:20 UTC	Zemana Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64
3541d5ce6bb920f026b582c8b6d5a2de	PE32	2020-04-06 03:25:11 UTC	Zemana Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant
bd4643dfe96d717b7dc4f73410ead4dc	PE32	2020-04-06 03:24:07 UTC	Zemana Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/IsBeyondImageSize YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
535bd542a9de604ab342af063ce9d003	ASCII	2020-04-06 03:24:00 UTC	Zemana Submission	YRP/domain YRP/url YRP/contentis_base64 [+] YRP/suspicious_packer_section

Total Samples: 3628350