MalShare

A free Malware repository providing researchers access to samples, malicious feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
4133f3cbaf5b5bf28dd07b3995004ab2	ELF	2021-01-19 18:21:20 UTC	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/android_meterpreter YRP/CRC32_poly_Constant YRP/XOR_DDosv1 YRP/ldpreload
05a731ced9ba430ae2ebc0e394fde199	PE32	2021-01-19 17:41:08 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/domain YRP/url YRP/contentis_base64
d9915116ed657bd6b21f319291c5dfac	7-zip	2021-01-19 17:41:05 UTC	User Submission	CuckooSandbox/shellcode YRP/domain
61be9dca53b653fdbd76e7b12c3a6a36	PE32	2021-01-19 17:40:28 UTC	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional [+] YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy
f476bb0f2f6e2820cd6bc54150dbb4af	7-zip	2021-01-19 17:40:23 UTC	User Submission	YRP/domain
db3f95f2c39e8547f1fa72c608a8be11	PE32	2021-01-19 17:18:04 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/keylogger YRP/win_hook YRP/CRC32_poly_Constant
5e96cbf51ced602d0c5b623b7bf30f7b	PE32	2021-01-19 17:17:12 UTC	User Submission	YRP/Microsoft_Visual_C_Basic_NET YRP/NETexecutableMicrosoft YRP/IsPE32 [+] YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers0
571f583973ac26c262c7e5ba9959e243	PE32	2021-01-19 16:32:21 UTC	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/maldoc_indirect_function_call_3 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/escalate_priv YRP/win_token YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CAP_HookExKeylogger
0df4fee49a8ee5cc6b0f780014848524	PE32	2021-01-19 16:04:20 UTC	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional [+] YRP/Microsoft_Visual_Cpp_50 YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/network_tcp_listen YRP/network_dropper
394f9f303f2a0039f204a23c0a5ad1a7	PE32	2021-01-19 16:04:05 UTC	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional [+] YRP/Microsoft_Visual_Cpp_50 YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/network_tcp_listen YRP/network_dropper

Total Samples: 3825743