MalShare

A free Malware repository providing researchers access to samples, malicious feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
6916b8aa841613c7c3230891fe8d3f09	Dalvik	2020-04-08 19:54:30 UTC	User Submission	YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/android_meterpreter
c8d88f4fe9bdd6d643d6b22c97202332	PE32	2020-04-08 19:44:31 UTC	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/MALW_trickbot_bankBot FlorianRoth/DragonFly_APT_Sep17_3
5b78a53e8db2e90a663f2f7302f77040	PE32	2020-04-08 19:44:26 UTC	User Submission	CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsBeyondImageSize YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/vmdetect YRP/antivm_virtualbox YRP/inject_thread YRP/create_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/vmdetect_misc YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/memory_shylock YRP/Str_Win32_Winsock2_Library
ad0293b1da79b9f9ff019f3dffda461b	Dalvik	2020-04-08 19:44:04 UTC	User Submission	YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/Misc_Suspicious_Strings
b1cf4beb78e1210c1351cac9e64a5599	Dalvik	2020-04-08 19:14:11 UTC	User Submission	YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64
ee2374183dd62c0bbc2dcd05f6d80cee	Dalvik	2020-04-08 19:14:02 UTC	User Submission	YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/Misc_Suspicious_Strings
05dbf88aceb639ed844bee27c79ff20d	PE32	2020-04-08 19:05:08 UTC	User Submission	CuckooSandbox/vmdetect
7bd154411e5bb601d420529cea474cae	Dalvik	2020-04-08 19:04:39 UTC	User Submission	YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/Misc_Suspicious_Strings
42d39346a5bc220a980a9f069a050fb0	PE32	2020-04-08 18:24:15 UTC	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 [+] YRP/IsPE32 YRP/IsConsole YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/network_dropper YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
135c5d12826828d3f684606a2a4cee08	PE32	2020-04-08 18:04:48 UTC	User Submission	CuckooSandbox/vmdetect

Total Samples: 3629589