MalShare

A free Malware repository providing researchers access to samples, malicous feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
97d6f44d21a17481f389ad62e48756f5	PE32	2018-08-17 01:08:03 UTC	http://78.142.19.172/~winvps/1_com/nna/svchos...	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional [+] YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library
b936720ba3fa01ea2641ea178e4f0c78	Composite	2018-08-17 01:06:33 UTC	http://amqaz.com/newsletter/En/Invoice-for-se...	YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number FlorianRoth/Office_AutoOpen_Macro
4d15d93ec1a3882b22982ae07e7a8a6b	Composite	2018-08-17 01:05:55 UTC	http://humanoshaciaelfuturo.org/Wellsfargo/US...	YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number FlorianRoth/Office_AutoOpen_Macro
008d7df7d3d2c4261e7ffa217591bb37	Composite	2018-08-17 01:04:49 UTC	http://www.cabocitytours.com/bR7DDyoyj3oUURS	YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number FlorianRoth/Office_AutoOpen_Macro
2cb9ae25eebdb5dcfcb70726abaf9ba7	Composite	2018-08-17 01:03:11 UTC	http://stolpenconsulting.com/default/EN_en/IN...	YRP/possible_includes_base64_packed_functions YRP/office_document_vba YRP/Office_AutoOpen_Macro [+] YRP/Contains_VBA_macro_code YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Big_Numbers0 FlorianRoth/Office_AutoOpen_Macro
195c2e9ec6a201ece778a9e762cafbc4	Composite	2018-08-17 01:03:08 UTC	http://puw-netzwerk.eu/files/EN_en/Invoice-fo...	YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number FlorianRoth/Office_AutoOpen_Macro
4b98f8db50072a7d904c3db6865d89b5	Composite	2018-08-17 01:03:05 UTC	http://e-dsm.com.br/hDi6DKUlj2c1TZsyA	YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number FlorianRoth/Office_AutoOpen_Macro
75430df16d960cd78dc5ad6067932927	Composite	2018-08-17 01:02:44 UTC	http://darkmedia.devarts.pro/Wellsfargo/Comme...	YRP/office_document_vba YRP/Office_AutoOpen_Macro YRP/Contains_VBA_macro_code [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number FlorianRoth/Office_AutoOpen_Macro
fcdb3441e1f79e7fc580cd9da04db5d7	data	2018-08-17 01:02:28 UTC	http://bigtvjoblist.com/uTcik	CuckooSandbox/embedded_pe YRP/domain YRP/contentis_base64
fbcf649977092322e62762330edc0c56	PE32	2018-08-17 01:02:25 UTC	http://assoaresadvocacia.com.br/hNY	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/contentis_base64

Total Samples:2351617