MalShare

A free Malware repository providing researchers access to samples, malicious feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
af83b2ac542183f4dfcc29deca77263b	PE32	2020-06-02 04:49:06 UTC	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional [+] YRP/Microsoft_Visual_Cpp_50 YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API FlorianRoth/DragonFly_APT_Sep17_3
d1d6755706a2886b37e8e07c32d6354e	PE32	2020-06-02 00:13:15 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet FlorianRoth/DragonFly_APT_Sep17_3
05dda70917d87d7094a07924b81f696b	PE32	2020-06-02 00:13:03 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
24265d70ced3945306913b18b9f09acb	PE32	2020-06-02 00:12:50 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet FlorianRoth/DragonFly_APT_Sep17_3
26de2e2b00abf5cf4e0c5d81b6f83fb8	PE32	2020-06-02 00:12:38 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings FlorianRoth/DragonFly_APT_Sep17_3
71f9582d6b61654be73810ddf1951996	PE32	2020-06-02 00:12:23 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings FlorianRoth/DragonFly_APT_Sep17_3
1e1cddbcfb56b0f20604fa6db7c9d8b4	PE32	2020-06-02 00:00:29 UTC	http://176.123.7.51/22JUM.exe	YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsConsole [+] YRP/IsPacked YRP/HasDebugData YRP/IsBeyondImageSize YRP/domain YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers0 YRP/suspicious_packer_section
16942416ad076c9bf203e751e9262a3f	XML	2020-06-01 22:50:07 UTC	User Submission
a368dccce2c96fd9ce2625d503dae676	XML	2020-06-01 22:50:06 UTC	User Submission
44dbb007f1a18d8d06ef90f80e68276b	XML	2020-06-01 22:50:06 UTC	User Submission

Total Samples: 3661336