MalShare

A free Malware repository providing researchers access to samples, malicous feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
206e35fcda875b7d8b14d22c9f3901fe	Composite	2018-07-19 00:08:28 UTC	User Submission	YRP/office_document_vba YRP/Contains_VBA_macro_code YRP/domain [+] YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Big_Numbers0
6153ddfc3b7e83a9f4b3f8ef5dd8d252	PE32	2018-07-18 23:38:43 UTC	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
9fa8033b1ef9debcdd9b3d017e602da4	PE32	2018-07-18 23:18:52 UTC	User Submission	BAMFDetect/pony
1b3a462994a5421f8c244613782228d1	PE32	2018-07-18 23:08:58 UTC	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
d4aaed04e804be212e069c0a68c56906	PE32	2018-07-18 23:08:42 UTC	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
44c35a3431018c6a03553bf3d3ccbda4	PE32	2018-07-18 22:49:37 UTC	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
5dd8cd3d35c165c0eec0bcaee9d8b316	PE32	2018-07-18 22:49:20 UTC	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
d14a8b2a0ef39ebd9f97be00cce97083	PE32	2018-07-18 22:49:04 UTC	User Submission	BAMFDetect/pony
0660bab4125dec11edd69289a3753484	PE32	2018-07-18 22:48:48 UTC	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
2d56f4e588fafe788b690bdc86cd7053	PE32	2018-07-18 22:48:46 UTC	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony

Total Samples:2317059