MalShare

Recently added Samples

SHA256 Hash	File type	Added	Source	Yara Hits
6050474ed01e0ce0b7c4d820c0a0646da41f210076567c135ddcf2898d0d8299	PE32	2024-10-16 01:43:00 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/gem [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/HasDebugData YRP/HasRichSignature FlorianRoth/DragonFly_APT_Sep17_3
de5040dff8c10e51989b89c006d79a3c1c2fba6b6ad416f8699e7ca3f5a0b302	PE32	2024-10-16 01:42:55 UTC	User Submission	YRP/CRC32_poly_Constant YRP/IP YRP/contentis_base64 [+] YRP/domain YRP/url YRP/nullsoft_streaming_video YRP/excel_XML YRP/gem YRP/pgml YRP/amf YRP/x3d YRP/_3dxml YRP/screenshot YRP/win_registry YRP/suspicious_packer_section YRP/UPX YRP/UPX_v0896_v102_v105_v122_Delphi_stub_additional YRP/UPX_v0896_v102_v105_v122_Delphi_stub_Laszlo_Markus YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/MSLRH_V031_emadicius YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v122_Delphi_stub YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPXProtectorv10x2 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature
cea2294b5f20e61557efaac7892b2a122cb69c046ed168d18de24a7e76b1bdcd	PE32	2024-10-16 01:42:51 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/url [+] YRP/jpg_with_EXIF YRP/SEH__vba YRP/suspicious_packer_section YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasModified_DOS_Message YRP/HasRichSignature
bc700aa32cc706bb6511d0203c07a60589e97e0180853a033ccddcefa8574de7	MS-DOS	2024-10-16 01:42:47 UTC	User Submission	YRP/maldoc_getEIP_method_1 YRP/IP YRP/contentis_base64 [+] YRP/domain YRP/excel_XML YRP/pgml YRP/amf YRP/x3d YRP/_3dxml YRP/win_registry YRP/suspicious_packer_section YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/mpress_2_xx_x86 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasModified_DOS_Message
31a8228c7cb3af155ec1a1b1c2a8b62e7da54b51484622754a63196ee6dd5583	Zip	2024-10-16 01:42:41 UTC	User Submission	YRP/Big_Numbers1 YRP/IP YRP/contentis_base64 [+] YRP/domain YRP/url YRP/png YRP/excel_2007 YRP/gif_bitmap YRP/corel_draw_compressed YRP/hpgl YRP/odg YRP/_3dxml_compressed YRP/android_meterpreter YRP/suspicious_packer_section YRP/JavaDropper YRP/possible_includes_base64_packed_functions KevTheHermit/JavaDropper
da3f3045fa9039f5ce6da8956393823a1c7ac8e85d87f56f999772b64b568f4f	PE32	2024-10-16 01:42:28 UTC	User Submission	YRP/contentis_base64 YRP/domain YRP/IsPE32 [+] YRP/IsConsole FlorianRoth/DragonFly_APT_Sep17_3
fa719ab2b5b65b7c964f7be4c21ba603d888e317450dde04928430914adf0e4c	Java	2024-10-16 01:42:23 UTC	User Submission	CuckooSandbox/shellcode YRP/Big_Numbers1 YRP/IP [+] YRP/contentis_base64 YRP/domain YRP/url YRP/png YRP/nullsoft_streaming_video YRP/excel_2007 YRP/jpg_with_EXIF YRP/corel_draw_compressed YRP/odg YRP/_3dxml_compressed
dcbd91fdb0c5e46737437c331aeeabc5f865e75ffcf76ed1b7da95b316f26c09	MS-DOS	2024-10-16 01:42:19 UTC	User Submission	YRP/IP YRP/contentis_base64 YRP/domain [+] YRP/excel_XML YRP/pgml YRP/amf YRP/x3d YRP/_3dxml YRP/suspicious_packer_section YRP/FSG_v20_additional YRP/FSG_20_bartxt YRP/FSG_v20_bartxt YRP/FSG_v20 YRP/FSGv20bartxt YRP/FSGv20 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message FlorianRoth/DragonFly_APT_Sep17_3
ad796ea1ee452bc59a71c9a82b2e516cca7ca63c577c6f3342350032a8d751a0	PE32	2024-10-16 01:42:17 UTC	User Submission	YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 [+] YRP/VC6_Random YRP/contentis_base64 YRP/domain YRP/escalate_priv YRP/win_token YRP/win_files_operation YRP/suspicious_packer_section YRP/UPX YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature
fc192d263a0233362a1a20e65a72a6c94efaa4b58e631c3350792768331ce5df	PE32	2024-10-16 01:42:06 UTC	User Submission	YRP/Delphi_FormShow YRP/Delphi_Copy YRP/Delphi_StrToInt [+] YRP/contentis_base64 YRP/domain YRP/prc YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi