MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
68213d7ee40a84dc6133d39e866ecf0a99e45a52c9b2c685e83d0db72dc1f093	PE32	2022-02-23 15:07:07	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw
7161c6204c2c76c10d0e795f2c35d661865673387cebbeed83fb3c368ce53b28	PE32	2021-09-29 08:06:17	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
00bca7bf091b6a71cc29943becde20225f02cd58ca3aa9c5fcb326a02c1eda3f	PE32	2021-09-29 08:06:12	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_290_LZMA [+] YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
dedb1eb8e4e7d6037502e490ba95fb0eed3cccd15535049049783f3915ecee49	PE32	2021-09-29 08:05:59	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
f02eca433cdb78186c1614b914ff4aa8da47dd430e8288ad721bd1da610f32d5	PE32	2021-09-22 14:09:03	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
40b479d2688a659e57197715395f78c1801d4ed2ff275d59149c52ec9fb01498	PE32	2021-09-21 09:02:03	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
0299873f0af5ab2c748acc85079cbde69b22a79652e91bf90527b8e8a83bc7a0	PE32	2021-09-14 10:32:05	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
f329a71beb604b6c9b424b8b7d00d84b92092af72e056aa091a112cae8e9af94	PE32	2021-09-09 12:06:39	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
c9a082e642689853b0160b32e059e51187d7a40599b48790003d9e28e107a8d5	PE32	2021-09-08 10:09:38	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
5b003e112ab22c2689cdf5379d7fc64da81f9fa7b0945632c9f489ca1a39192f	PE32	2021-09-07 07:13:12	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
b77f695ff45d0ae0eeafef3dd41ae7c89bc56036a3ef0f4168509bae54c8db9c	PE32	2021-09-07 07:13:03	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
bc23e863023b8d708341aa5fddf8aaa2b3c2b778edd9309b80304a980bba9ee0	PE32	2021-09-06 07:08:55	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
eb0d18828cbd76d92a2577259a0946a40bc93b251f782c00e8cb59236d5f7953	PE32	2021-09-06 07:08:46	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
a7259b65a4acac8f1ef4a5cfdced39a996e97450944ac90a306b5ea71b727cc8	PE32	2021-09-03 10:10:43	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
af5450d6ec23249783f1119c8716059194be2e40f4574f697dab72eac0223092	PE32	2021-08-31 11:03:20	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
9db3c2b121634ebe5e26bcc55916ab2832f36d6307f2c0dec14690e490a65006	PE32	2021-08-31 11:02:56	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
f5c08762d36ba7d97daafa01d3dfd4069738e539a49876de92b602ceaa4a2448	PE32	2020-07-10 22:09:07	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
e78260176bde35809429c3c1aef69779a69e4b8a5f10c5090633fd74f451cf80	PE32	2020-07-10 21:03:54	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
e715972971f15c872a8d580bcae224ed814a7040d768c9618c7e5fde2b7dcdcc	PE32	2020-07-10 21:02:44	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
ddc5dbf4ab3c28e8c15472f488bc745d777f0da649db682382e8134b52b9bc2b	PE32	2020-07-10 20:13:40	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
d1781faa8ab58274c09930159628b56964224dbbd81175bebe54fd765d7040b1	PE32	2020-07-10 19:16:08	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
d08c8807b5e3024c8efd035fbc87974c9c827e5ccccca9bfeb62302ed09b47ac	PE32	2020-07-10 19:11:55	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
a3e81f89f150a4c37a8e4eb360974080040d6e4b7ef5c9426c6beb59d9e402a3	PE32	2020-07-10 18:24:47	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
c7a36025aba85847a00d75a18f4a37e9ba0dcf02af3fa4bb7dab0fcd162a73f2	PE32	2020-07-10 18:24:41	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_290_LZMA [+] YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
bdaa1f1e7cef21f9839bac4e3333a7a9f8516ec79373bd6c4dc7bdf101352f3e	PE32	2020-07-10 17:41:02	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
bd77dae8fd35a43cfcc66ede66d88049f112dbc59320f022ed9eb055df2b3026	PE32	2020-07-10 17:39:54	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
abf7bc6ec223131363607a76eaf1a9d6edd062788eefed7ee77e547aa3a089be	PE32	2020-07-10 16:20:37	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
97c67f29dab3d99e9c3f90c41d77c53f7a35051193ff9b84ba782a1f951d753c	PE32	2020-07-08 20:22:09	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
7bf12df757d7ed00b917413f555c92fbfb620f03b8f1950c6b60c95afef86a35	PE32	2020-07-08 16:40:55	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
68a2a72901319ae92d425ab8201dc30ad4d87f9311793a840cbf39fce0e1c89c	PE32	2020-07-08 15:25:08	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
0f9f77eba0b85f9836d0b7883242c78339d6defc29e1c57698d133ba773eae67	PE32	2020-07-08 15:07:55	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
646a01d9270e0b7a03e3d4f656d2838662a63f609db98bef011fa3263e499e72	PE32	2020-07-08 15:07:46	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_290_LZMA [+] YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
246406e4757a91f65975cc634d931d494d8b74ebf08b42c83304d67e0e4c462c	PE32	2020-07-08 14:14:27	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
53d1eb2f2386f49c84362490e24b3f2c632176f05c924d5bc900ae3eea5beaa7	PE32	2020-07-08 14:14:21	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_290_LZMA [+] YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
43270283e66eeb8f238340d2d68641cf52d704b22eb43b322e56bb1bcc62a53f	PE32	2020-07-08 13:04:00	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
74fe4758be86e7eeb1251553c476f0dd4d263d03f1e4ae820bcc65354f6725da	PE32	2020-07-08 12:54:06	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
3fea963e4ec343fcdd78c82c57cf8530bd2a838412b8c9267b44c8fe346cff71	PE32	2020-07-08 12:53:52	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_290_LZMA [+] YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
35cb51e96744ab0af3bf4c05a7e4d5d60a49df83c9b382a846528c88e9cc471b	PE32	2020-07-08 11:52:17	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
185f83e6fe546128b0b105a9759354174d3cafda1ac3d2efe41d78ed6cc638d1	PE32	2020-07-08 09:39:32	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
0ca4bc953a3693d837ae88aea5692d8c09bfceb5d4264fb8fe910f81c629dd2e	PE32	2020-07-08 08:53:41	User Submission	YRP/PEArmor04600759hying YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
5177e726b7f6e94dff26d5608171696919365e1490f3c39b2ac11c14a44c2ae2	PE32	2020-07-07 19:22:03	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/PEArmor04600759hying [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
ee5a3419365f997d9b498192b1879bca2d8c807ae7f5ea21633a0d55533bac7e	PE32	2020-03-20 14:33:53	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/create_service YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_registry YRP/win_token YRP/BASE64_table YRP/Ammyy_Admin_AA_v3
c465f304cb946868f7a85b6fe934798f06d9a012e9d90e3425dc14d82d7ba9c7	PE32	2020-02-28 23:43:37	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/rat_rdp YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
843e766ea416b6d75226ef6c56a6394cc5c65ba83cddb7a7f3664bc32addf283	PE32	2020-02-25 02:33:58	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/rat_rdp YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
e547d91069da5c9ec6b2a5f2f0d245b33f8529c2e3a98eb90dac8b39ef26c5c4	PE32	2020-02-22 09:43:29	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/rat_rdp YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
4aacad73334de2fdba3b1ad071af2061e545cb5d993dffbf10ef33197739dfb1	PE32	2020-01-28 14:15:25	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/rat_rdp YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
ba992179336a255b6274e8f7372f741a85305da0b1ee4ce1e5e73d5f3d57e181	PE32	2020-01-13 13:02:56	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3
6734f72131ca00824ee65f6ce62c7c99d4790323a70c3985bc6aaca0bce94a2b	ASCII	2019-10-26 13:01:30	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_tcp_socket YRP/escalate_priv YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Cerberus YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PwDump YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/CN_Packed_Scanner YRP/Beastdoor_Backdoor YRP/Powershell_Netcat YRP/CN_Hacktool_MilkT_Scanner YRP/WCE_Modified_1_1014 YRP/iKAT_command_lines_agent YRP/iKAT_startbar YRP/BypassUac2 YRP/BypassUac_9 YRP/APT_Proxy_Malware_Packed_dev YRP/Ncat_Hacktools_CN YRP/MS08_067_Exploit_Hacktools_CN YRP/Hacktools_CN_Burst_sql YRP/Hacktools_CN_Panda_445TOOL YRP/Hacktools_CN_WinEggDrop YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_GOGOGO_Bat YRP/Hacktools_CN_Burst_pass YRP/Hacktools_CN_JoHor_Posts_Killer YRP/Hacktools_CN_Burst_Start YRP/Hacktools_CN_Burst_Blast YRP/VUBrute_VUBrute YRP/VUBrute_config YRP/sig_238_listip YRP/ArtTrayHookDll YRP/EditServer_HackTool YRP/sig_238_letmein YRP/sig_238_token YRP/sig_238_webget YRP/ASPack_Chinese YRP/EditKeyLogReadMe YRP/PassSniffer_zip_Folder_readme YRP/EditKeyLog YRP/PassSniffer YRP/UnPack_rar_Folder_InjectT YRP/Jc_WinEggDrop_Shell YRP/UnPack_rar_Folder_TBack YRP/ByPassFireWall_zip_Folder_Inject YRP/sig_238_sqlcmd YRP/sig_238_2323 YRP/CleanIISLog YRP/sqlcheck YRP/sig_238_RunAsEx YRP/SplitJoin_V1_3_3_rar_Folder_3 YRP/InstGina YRP/sig_238_findoor YRP/WinEggDropShellFinal_zip_Folder_InjectT YRP/gina_zip_Folder_gina YRP/sig_238_xsniff YRP/sig_238_fscan YRP/_FsHttp_FsPop_FsSniffer YRP/Ammyy_Admin_AA_v3 YRP/LinuxHacktool_eyes_scanssh YRP/LinuxHacktool_eyes_pscan2 YRP/LinuxHacktool_eyes_a YRP/LinuxHacktool_eyes_mass YRP/CN_Toolset__XScanLib_XScanLib_XScanLib YRP/CN_Toolset_NTscan_PipeCmd YRP/CN_Toolset_sig_1433_135_sqlr YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/Mimikatz_Logfile YRP/VSSown_VBS FlorianRoth/Invoke_Mimikatz FlorianRoth/Hacktool_Strings_p0wnedShell
b43eed84ed03f00a34d0aa4400aff9f6fad795782364f2f19524c5ef12d9f918	ASCII	2019-10-26 12:42:57	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_tcp_socket YRP/escalate_priv YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Cerberus YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PwDump YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/CN_Packed_Scanner YRP/Beastdoor_Backdoor YRP/Powershell_Netcat YRP/CN_Hacktool_MilkT_Scanner YRP/WCE_Modified_1_1014 YRP/iKAT_command_lines_agent YRP/iKAT_startbar YRP/BypassUac2 YRP/BypassUac_9 YRP/APT_Proxy_Malware_Packed_dev YRP/Ncat_Hacktools_CN YRP/MS08_067_Exploit_Hacktools_CN YRP/Hacktools_CN_Burst_sql YRP/Hacktools_CN_Panda_445TOOL YRP/Hacktools_CN_WinEggDrop YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_GOGOGO_Bat YRP/Hacktools_CN_Burst_pass YRP/Hacktools_CN_JoHor_Posts_Killer YRP/Hacktools_CN_Burst_Start YRP/Hacktools_CN_Burst_Blast YRP/VUBrute_VUBrute YRP/VUBrute_config YRP/sig_238_listip YRP/ArtTrayHookDll YRP/EditServer_HackTool YRP/sig_238_letmein YRP/sig_238_token YRP/sig_238_webget YRP/ASPack_Chinese YRP/sig_238_filespy YRP/EditKeyLogReadMe YRP/PassSniffer_zip_Folder_readme YRP/EditKeyLog YRP/PassSniffer YRP/UnPack_rar_Folder_InjectT YRP/Jc_WinEggDrop_Shell YRP/UnPack_rar_Folder_TBack YRP/ByPassFireWall_zip_Folder_Inject YRP/sig_238_sqlcmd YRP/sig_238_2323 YRP/CleanIISLog YRP/sqlcheck YRP/sig_238_RunAsEx YRP/SplitJoin_V1_3_3_rar_Folder_3 YRP/InstGina YRP/sig_238_findoor YRP/WinEggDropShellFinal_zip_Folder_InjectT YRP/gina_zip_Folder_gina YRP/sig_238_xsniff YRP/sig_238_fscan YRP/_FsHttp_FsPop_FsSniffer YRP/Ammyy_Admin_AA_v3 YRP/LinuxHacktool_eyes_scanssh YRP/LinuxHacktool_eyes_pscan2 YRP/LinuxHacktool_eyes_a YRP/LinuxHacktool_eyes_mass YRP/CN_Toolset__XScanLib_XScanLib_XScanLib YRP/CN_Toolset_NTscan_PipeCmd YRP/CN_Toolset_sig_1433_135_sqlr YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/Mimikatz_Logfile YRP/VSSown_VBS FlorianRoth/Hacktool_Strings_p0wnedShell
cbe49990221fd31d7a34255c5c069fd503a3f7962403fbd9517d8faea7e5c4d0	ASCII	2019-10-25 20:24:07	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_tcp_socket YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Cerberus YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PwDump YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/CN_Packed_Scanner YRP/Beastdoor_Backdoor YRP/Powershell_Netcat YRP/CN_Hacktool_MilkT_Scanner YRP/WCE_Modified_1_1014 YRP/iKAT_command_lines_agent YRP/iKAT_startbar YRP/BypassUac2 YRP/BypassUac_9 YRP/APT_Proxy_Malware_Packed_dev YRP/Ncat_Hacktools_CN YRP/MS08_067_Exploit_Hacktools_CN YRP/Hacktools_CN_Burst_sql YRP/Hacktools_CN_Panda_445TOOL YRP/Hacktools_CN_WinEggDrop YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_GOGOGO_Bat YRP/Hacktools_CN_Burst_pass YRP/Hacktools_CN_JoHor_Posts_Killer YRP/Hacktools_CN_Burst_Start YRP/Hacktools_CN_Burst_Blast YRP/VUBrute_VUBrute YRP/VUBrute_config YRP/sig_238_listip YRP/ArtTrayHookDll YRP/EditServer_HackTool YRP/sig_238_letmein YRP/sig_238_token YRP/sig_238_webget YRP/ASPack_Chinese YRP/sig_238_filespy YRP/EditKeyLogReadMe YRP/PassSniffer_zip_Folder_readme YRP/EditKeyLog YRP/PassSniffer YRP/UnPack_rar_Folder_InjectT YRP/Jc_WinEggDrop_Shell YRP/UnPack_rar_Folder_TBack YRP/ByPassFireWall_zip_Folder_Inject YRP/sig_238_sqlcmd YRP/sig_238_2323 YRP/CleanIISLog YRP/sqlcheck YRP/sig_238_RunAsEx YRP/SplitJoin_V1_3_3_rar_Folder_3 YRP/InstGina YRP/sig_238_findoor YRP/WinEggDropShellFinal_zip_Folder_InjectT YRP/gina_zip_Folder_gina YRP/sig_238_xsniff YRP/sig_238_fscan YRP/_FsHttp_FsPop_FsSniffer YRP/Ammyy_Admin_AA_v3 YRP/LinuxHacktool_eyes_scanssh YRP/LinuxHacktool_eyes_pscan2 YRP/LinuxHacktool_eyes_a YRP/LinuxHacktool_eyes_mass YRP/CN_Toolset__XScanLib_XScanLib_XScanLib YRP/CN_Toolset_NTscan_PipeCmd YRP/CN_Toolset_sig_1433_135_sqlr YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/Mimikatz_Logfile YRP/VSSown_VBS FlorianRoth/Hacktool_Strings_p0wnedShell
ae028902f38096b22c1b553ce8d10d173100268ec61f40f5f3be763de4e39603	ASCII	2019-10-25 20:24:07	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/powershell YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_tcp_socket YRP/escalate_priv YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Cerberus YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PwDump YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/CN_Packed_Scanner YRP/Beastdoor_Backdoor YRP/Powershell_Netcat YRP/CN_Hacktool_MilkT_Scanner YRP/WCE_Modified_1_1014 YRP/iKAT_command_lines_agent YRP/iKAT_startbar YRP/BypassUac2 YRP/BypassUac_9 YRP/APT_Proxy_Malware_Packed_dev YRP/Ncat_Hacktools_CN YRP/MS08_067_Exploit_Hacktools_CN YRP/Hacktools_CN_Burst_sql YRP/Hacktools_CN_Panda_445TOOL YRP/Hacktools_CN_WinEggDrop YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_GOGOGO_Bat YRP/Hacktools_CN_Burst_pass YRP/Hacktools_CN_JoHor_Posts_Killer YRP/Hacktools_CN_Burst_Start YRP/Hacktools_CN_Burst_Blast YRP/VUBrute_VUBrute YRP/VUBrute_config YRP/sig_238_listip YRP/ArtTrayHookDll YRP/EditServer_HackTool YRP/sig_238_letmein YRP/sig_238_token YRP/sig_238_webget YRP/ASPack_Chinese YRP/EditKeyLogReadMe YRP/PassSniffer_zip_Folder_readme YRP/EditKeyLog YRP/PassSniffer YRP/UnPack_rar_Folder_InjectT YRP/Jc_WinEggDrop_Shell YRP/UnPack_rar_Folder_TBack YRP/ByPassFireWall_zip_Folder_Inject YRP/sig_238_sqlcmd YRP/sig_238_2323 YRP/CleanIISLog YRP/sqlcheck YRP/sig_238_RunAsEx YRP/SplitJoin_V1_3_3_rar_Folder_3 YRP/InstGina YRP/sig_238_findoor YRP/WinEggDropShellFinal_zip_Folder_InjectT YRP/gina_zip_Folder_gina YRP/sig_238_xsniff YRP/sig_238_fscan YRP/_FsHttp_FsPop_FsSniffer YRP/Ammyy_Admin_AA_v3 YRP/LinuxHacktool_eyes_scanssh YRP/LinuxHacktool_eyes_pscan2 YRP/LinuxHacktool_eyes_a YRP/LinuxHacktool_eyes_mass YRP/CN_Toolset__XScanLib_XScanLib_XScanLib YRP/CN_Toolset_NTscan_PipeCmd YRP/CN_Toolset_sig_1433_135_sqlr YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/Mimikatz_Logfile YRP/VSSown_VBS FlorianRoth/Invoke_Mimikatz FlorianRoth/Hacktool_Strings_p0wnedShell
fae6e8eead2044c31a28c271c540d7ab968bb59a075cf8641d4e3b767a83c2bf	data	2019-10-25 20:21:42	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect YRP/webshell_iMHaPFtp_2 [+] YRP/webshell_caidao_shell_guo YRP/webshell_PHP_redcod YRP/webshell_php_sh_server YRP/webshell_cihshell_fix YRP/webshell_php_up YRP/webshell_asp_EFSO_2 YRP/webshell_jsp_up YRP/webshell_Server_Variables YRP/webshell_caidao_shell_ice_2 YRP/webshell_phpspy2010 YRP/webshell_asp_ice YRP/webshell_asp_404 YRP/webshell_webshell_cnseay02_1 YRP/webshell_php_fbi YRP/webshell_B374kPHP_B374k YRP/webshell_php_list YRP/webshell_caidao_shell_404 YRP/webshell_ASP_aspydrv YRP/webshell_Dx_Dx YRP/webshell_MySQL_Web_Interface_Version_0_8 YRP/webshell_phpkit_1_0_odd YRP/webshell_wsb_idc YRP/webshell_php_404 YRP/webshell_webshell_cnseay_x YRP/webshell_asp_up YRP/webshell_phpkit_0_1a_odd YRP/webshell_jsp_k81 YRP/webshell_jsp_cmdjsp YRP/webshell_Java_Shell YRP/webshell_PHP_r57142 YRP/webshell_simple_backdoor YRP/webshell_php_cmd YRP/webshell_PHP_co YRP/webshell_PHP_150 YRP/webshell_PHP_c37 YRP/webshell_PHP_b37 YRP/webshell_PHP_bug_1_ YRP/webshell_ghost_source_icesword_silic YRP/webshell_browser_201_3_400_in_JFolder_jfolder01_jsp_leo_ma_warn_webshell_nc_download YRP/webshell_Dive_Shell_1_0_Emperor_Hacking_Team_xxx YRP/webshell_jsp_reverse_jsp_reverse_jspbd YRP/webshell_gfs_sh_r57shell_r57shell127_SnIpEr_SA_xxx YRP/webshell_itsec_PHPJackal_itsecteam_shell_jHn YRP/webshell_NIX_REMOTE_WEB_SHELL_NIX_REMOTE_WEB_xxx1 YRP/webshell_2008_2009mssql_phpspy_2005_full_phpspy_2006_arabicspy_hkrkoz YRP/webshell_000_403_c5_config_myxx_queryDong_spyjsp2010_zend YRP/webshell_r57shell127_r57_iFX_r57_kartal_r57_antichat YRP/webshell_000_403_807_a_c5_config_css_dm_he1p_xxx YRP/webshell_phpspy_2005_full_phpspy_2005_lite_phpspy_2006_PHPSPY YRP/webshell_c99_locus7s_c99_w4cking_xxx YRP/webshell_r57shell127_r57_kartal_r57 YRP/webshell_webshells_new_con2 YRP/webshell_Expdoor_com_ASP YRP/webshell_webshells_new_php2 YRP/webshell_bypass_iisuser_p YRP/webshell_sig_404super YRP/webshell_webshells_new_JSP YRP/webshell_webshell_123 YRP/webshell_dev_core YRP/webshell_webshells_new_pHp YRP/webshell_webshells_new_pppp YRP/webshell_webshells_new_code YRP/webshell_webshells_new_xxxx YRP/webshell_webshells_new_PHP1 YRP/webshell_webshells_new_asp1 YRP/webshell_webshells_new_php6 YRP/webshell_GetPostpHp YRP/webshell_webshells_new_php5 YRP/webshell_webshells_new_PHP YRP/webshell_webshells_new_Asp YRP/perlbot_pl YRP/php_backdoor_php YRP/Liz0ziM_Private_Safe_Mode_Command_Execuriton_Bypass_Exploit_php YRP/shankar_php_php YRP/Casus15_php_php YRP/small_php_php YRP/shellbot_pl YRP/fuckphpshell_php YRP/ngh_php_php YRP/jsp_reverse_jsp YRP/Tool_asp YRP/NT_Addy_asp YRP/SimAttacker___Vrsion_1_0_0___priv8_4_My_friend_php YRP/phvayvv_php_php YRP/r57shell_php_php YRP/rst_sql_php_php YRP/wh_bindshell_py YRP/lurm_safemod_on_cgi YRP/c99madshell_v2_0_php_php YRP/w3d_php_php YRP/WinX_Shell_html YRP/Dx_php_php YRP/csh_php_php YRP/pHpINJ_php_php YRP/sig_2008_php_php YRP/ak74shell_php_php YRP/Rem_View_php_php YRP/Java_Shell_js YRP/STNC_php_php YRP/aZRaiLPhp_v1_0_php YRP/zacosmall_php YRP/CmdAsp_asp YRP/simple_backdoor_php YRP/mysql_shell_php YRP/Dive_Shell_1_0___Emperor_Hacking_Team_php YRP/Asmodeus_v0_1_pl YRP/Reader_asp YRP/phpshell17_php YRP/SimShell_1_0___Simorgh_Security_MGZ_php YRP/jspshall_jsp YRP/rootshell_php YRP/connectback2_pl YRP/shells_PHP_wso YRP/backdoor1_php YRP/elmaliseker_asp YRP/s72_Shell_v1_1_Coding_html YRP/hidshell_php_php YRP/kacak_asp YRP/PHP_Backdoor_Connect_pl_php YRP/Antichat_Socks5_Server_php_php YRP/Antichat_Shell_v1_3_php YRP/Safe_Mode_Bypass_PHP_4_4_2_and_PHP_5_1_2_php YRP/cyberlords_sql_php_php YRP/Ayyildiz_Tim___AYT__Shell_v_2_1_Biz_html YRP/EFSO_2_asp YRP/lamashell_php YRP/Ajax_PHP_Command_Shell_php YRP/JspWebshell_1_2_jsp YRP/Sincap_php_php YRP/Phyton_Shell_py YRP/sh_php_php YRP/phpjackal_php YRP/sql_php_php YRP/cgi_python_py YRP/ru24_post_sh_php_php YRP/telnetd_pl YRP/php_include_w_shell_php YRP/Safe0ver_Shell__Safe_Mod_Bypass_By_Evilc0der_php YRP/shell_php_php YRP/telnet_cgi YRP/ironshell_php YRP/backdoorfr_php YRP/aspydrv_asp YRP/cmdjsp_jsp YRP/h4ntu_shell__powered_by_tsoi_ YRP/Ajan_asp YRP/PHANTASMA_php YRP/MySQL_Web_Interface_Version_0_8_php YRP/multiple_webshells_0002 YRP/multiple_webshells_0003 YRP/multiple_webshells_0005 YRP/multiple_webshells_0010 YRP/multiple_webshells_0013 YRP/multiple_webshells_0015 YRP/multiple_webshells_0016 YRP/multiple_webshells_0018 YRP/multiple_php_webshells YRP/multiple_webshells_0019 YRP/multiple_webshells_0022 YRP/multiple_webshells_0027 YRP/multiple_webshells_0030 YRP/multiple_webshells_0031 YRP/multiple_webshells_0032 YRP/PHP_Cloaked_Webshell_SuperFetchExec YRP/WebShell_dC3_Security_Crew_Shell_PRiV YRP/WebShell_simattacker YRP/WebShell_DTool_Pro YRP/WebShell_ironshell YRP/WebShell_b374k_mini_shell_php_php YRP/WebShell_Sincap_1_0 YRP/WebShell_b374k_php YRP/WebShell_SimAttacker___Vrsion_1_0_0___priv8_4_My_friend YRP/WebShell_h4ntu_shell__powered_by_tsoi_ YRP/WebShell_php_webshells_MyShell YRP/WebShell_php_webshells_pws YRP/WebShell_reader_asp_php YRP/WebShell_Liz0ziM_Private_Safe_Mode_Command_Execuriton_Bypass_Exploit YRP/WebShell_php_backdoor YRP/WebShell_php_webshells_pHpINJ YRP/WebShell_php_webshells_NGH YRP/WebShell_php_webshells_matamu YRP/WebShell_ru24_post_sh YRP/WebShell_hiddens_shell_v1 YRP/WebShell_c99_locus7s YRP/WebShell_safe0ver YRP/WebShell_php_webshells_kral YRP/WebShell_cgitelnet YRP/WebShell_NTDaddy_v1_9 YRP/WebShell_lamashell YRP/WebShell_Simple_PHP_backdoor_by_DK YRP/WebShell_CmdAsp_asp_php YRP/WebShell_NCC_Shell YRP/WebShell_php_webshells_README YRP/WebShell_backupsql YRP/WebShell_AK_74_Security_Team_Web_Shell_Beta_Version YRP/WebShell_php_webshells_cpanel YRP/WebShell_php_webshells_529 YRP/WebShell_qsd_php_backdoor YRP/WebShell_Ayyildiz_Tim___AYT__Shell_v_2_1_Biz YRP/WebShell_Gamma_Web_Shell YRP/WebShell_WinX_Shell YRP/WebShell_php_include_w_shell YRP/WebShell_PhpSpy_Ver_2006 YRP/WebShell_php_webshells_myshell YRP/WebShell_php_webshells_lolipop YRP/WebShell_simple_cmd YRP/WebShell_go_shell YRP/WebShell_aZRaiLPhp_v1_0 YRP/WebShell_webshells_zehir4 YRP/WebShell_zehir4_asp_php YRP/WebShell_php_webshells_lostDC YRP/WebShell_CasuS_1_5 YRP/WebShell__Ajax_PHP_Command_Shell_Ajax_PHP_Command_Shell_soldierofallah YRP/WebShell__Small_Web_Shell_by_ZaCo_small_zaco_zacosmall YRP/WebShell_Generic_PHP_1 YRP/WebShell__CrystalShell_v_1_erne_stres YRP/WebShell_Generic_PHP_5 YRP/WebShell__findsock_php_findsock_shell_php_reverse_shell YRP/WebShell_Generic_PHP_6 YRP/Unpack_Injectt YRP/FeliksPack3___PHP_Shells_ssh YRP/bin_Client YRP/ZXshell2_0_rar_Folder_ZXshell YRP/RkNTLoad YRP/binder2_binder2 YRP/thelast_orice2 YRP/sendmail YRP/FSO_s_zehir4 YRP/hkshell_hkshell YRP/DarkSpy105 YRP/EditServer_Webshell YRP/FSO_s_reader YRP/svchostdll YRP/HYTop_DevPack_server YRP/vanquish YRP/BIN_Client YRP/Simple_PHP_BackDooR YRP/hkshell_hkrmv YRP/FeliksPack3___PHP_Shells_phpft YRP/bdcli100 YRP/rdrbs084 YRP/HYTop_CaseSwitch_2005 YRP/FSO_s_casus15_2 YRP/installer YRP/elmaliseker YRP/shelltools_g0t_root_resolve YRP/shelltools_g0t_root_Fport YRP/HYTop_DevPack_upload YRP/PasswordReminder YRP/rknt_zip_Folder_RkNT YRP/dbgntboot YRP/PHP_shell YRP/rdrbs100 YRP/Mithril_Mithril YRP/hkdoordll YRP/Mithril_v1_45_dllTest YRP/dbgiis6cli YRP/Debug_cress YRP/FeliksPack3___PHP_Shells_usr YRP/FSO_s_phpinj YRP/xssshell_db YRP/EditServer_Webshell_2 YRP/by064cli YRP/Mithril_dllTest YRP/connector YRP/shelltools_g0t_root_HideRun YRP/regshell YRP/PHP_Shell_v1_7 YRP/xssshell_save YRP/screencap YRP/ZXshell2_0_rar_Folder_zxrecv YRP/_root_040_zip_Folder_deploy YRP/by063cli YRP/icyfox007v1_10_rar_Folder_asp YRP/byshell063_ntboot_2 YRP/shelltools_g0t_root_xwhois YRP/vanquish_2 YRP/ZXshell2_0_rar_Folder_nc YRP/BIN_Server YRP/HYTop2006_rar_Folder_2006 YRP/HDConfig YRP/Webshell_and_Exploit_CN_APT_HK YRP/Pastebin_Webshell YRP/Borland YRP/possible_exploit YRP/powershell YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/Base64d_PE YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/Check_Dlls YRP/vmdetect YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_sandboxie YRP/inject_thread YRP/network_tcp_listen YRP/network_dyndns YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/sniff_lan YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Mal_http_EXE YRP/Mal_PotPlayer_DLL YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/WoolenGoldfish_Sample_1 YRP/WoolenGoldfish_Generic_3 YRP/Cerberus YRP/eval_post YRP/md5_71a7c769e644d8cf3cf32419239212c7 YRP/ScanBox_Malware_Generic YRP/Base64_encoded_Executable YRP/Invoke_mimikittenz YRP/GEN_PowerShell YRP/Nanocore_RAT_Gen_1 YRP/Nanocore_RAT_Gen_2 YRP/apt_hellsing_implantstrings YRP/FavoriteStrings YRP/NaikonStrings YRP/Naikon YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/EQGRP_create_dns_injection YRP/EQGRP_screamingplow YRP/EQGRP_MixText YRP/EQGRP_tunnel_state_reader YRP/EQGRP_payload YRP/EQGRP_eligiblecandidate YRP/EQGRP_BUSURPER_2211_724 YRP/EQGRP_networkProfiler_orderScans YRP/EQGRP_epicbanana_2_1_0_1 YRP/EQGRP_sniffer_xml2pcap YRP/EQGRP_BananaAid YRP/EQGRP_config_jp1_UA YRP/EQGRP_userscript YRP/EQGRP_BUSURPER_3001_724 YRP/EQGRP_workit YRP/EQGRP_tinyhttp_setup YRP/EQGRP_EPBA YRP/EQGRP_jetplow_SH YRP/EQGRP_extrabacon YRP/EQGRP_sploit_py YRP/EQGRP_uninstallPBD YRP/EQGRP_BICECREAM YRP/EQGRP_BFLEA_2201 YRP/EQGRP_StoreFc YRP/EQGRP_BBALL YRP/EQGRP_BARPUNCH_BPICKER YRP/EQGRP_Implants_Gen5 YRP/EQGRP_pandarock YRP/EQGRP_BananaUsurper_writeJetPlow YRP/EQGRP_Implants_Gen4 YRP/EQGRP_Implants_Gen3 YRP/EQGRP_BLIAR_BLIQUER YRP/EQGRP_sploit YRP/EQGRP_Implants_Gen2 YRP/EQGRP_Implants_Gen1 YRP/EQGRP_ssh_telnet_29 YRP/EQGRP_callbacks YRP/EQGRP_Extrabacon_Output YRP/EQGRP_Unique_Strings YRP/JavaDropper YRP/QuarksPwDump_Gen YRP/ZhoupinExploitCrew YRP/BackDoorLogger YRP/Jasus YRP/ShellCreator2 YRP/SmartCopy2 YRP/TinyZBot YRP/antivirusdetector YRP/csext YRP/kagent YRP/mimikatzWrapper YRP/pvz_in YRP/zhLookUp YRP/zhmimikatz YRP/OPCLEAVER_BackDoorLogger YRP/OPCLEAVER_Jasus YRP/OPCLEAVER_ShellCreator2 YRP/OPCLEAVER_SmartCopy2 YRP/OPCLEAVER_SynFlooder YRP/OPCLEAVER_TinyZBot YRP/OPCLEAVER_ZhoupinExploitCrew YRP/OPCLEAVER_antivirusdetector YRP/OPCLEAVER_csext YRP/OPCLEAVER_kagent YRP/OPCLEAVER_mimikatzWrapper YRP/OPCLEAVER_pvz_in YRP/OPCLEAVER_zhLookUp YRP/OPCLEAVER_zhmimikatz YRP/OPCLEAVER_CCProxy_Config YRP/Payload_Exe2Hex YRP/Codoso_CustomTCP_4 YRP/Codoso_Gh0st_3 YRP/Codoso_Gh0st_1 YRP/Codoso_PGV_PVID_1 YRP/Havex_Trojan_PHP_Server YRP/Turla_APT_Malware_Gen1 YRP/Turla_APT_Malware_Gen2 YRP/Turla_APT_Malware_Gen3 YRP/shimrat YRP/shimratreporter YRP/FiveEyes_QUERTY_Malwaresig_20123_cmdDef YRP/FiveEyes_QUERTY_Malwareqwerty_20123 YRP/FiveEyes_QUERTY_Malwaresig_20120_cmdDef YRP/FiveEyes_QUERTY_Malwaresig_20121_cmdDef YRP/apt_equation_equationlaser_runtimeclasses YRP/EquationDrug_HDDSSD_Op YRP/Sofacy_Fybis_ELF_Backdoor_Gen1 YRP/WaterBug_wipbot_2013_dll YRP/Casper_Included_Strings YRP/Casper_SystemInformation_Output YRP/suspicious_packer_section YRP/APT_Malware_PutterPanda_Rel YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PwDump YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/Beastdoor_Backdoor YRP/Powershell_Netcat YRP/CN_Hacktool_MilkT_Scanner YRP/WCE_Modified_1_1014 YRP/iKAT_command_lines_agent YRP/iKAT_startbar YRP/BypassUac2 YRP/BypassUac_9 YRP/APT_Proxy_Malware_Packed_dev YRP/Ncat_Hacktools_CN YRP/MS08_067_Exploit_Hacktools_CN YRP/Hacktools_CN_Burst_sql YRP/Hacktools_CN_Panda_445TOOL YRP/Hacktools_CN_WinEggDrop YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_GOGOGO_Bat YRP/Hacktools_CN_Burst_pass YRP/Hacktools_CN_JoHor_Posts_Killer YRP/Hacktools_CN_Burst_Start YRP/Hacktools_CN_Burst_Blast YRP/VUBrute_VUBrute YRP/VUBrute_config YRP/sig_238_listip YRP/ArtTrayHookDll YRP/EditServer_HackTool YRP/sig_238_letmein YRP/sig_238_token YRP/sig_238_webget YRP/ASPack_Chinese YRP/sig_238_filespy YRP/EditKeyLogReadMe YRP/PassSniffer_zip_Folder_readme YRP/EditKeyLog YRP/PassSniffer YRP/UnPack_rar_Folder_InjectT YRP/Jc_WinEggDrop_Shell YRP/UnPack_rar_Folder_TBack YRP/ByPassFireWall_zip_Folder_Inject YRP/sig_238_sqlcmd YRP/sig_238_2323 YRP/CleanIISLog YRP/sqlcheck YRP/sig_238_RunAsEx YRP/SplitJoin_V1_3_3_rar_Folder_3 YRP/InstGina YRP/sig_238_findoor YRP/WinEggDropShellFinal_zip_Folder_InjectT YRP/gina_zip_Folder_gina YRP/sig_238_xsniff YRP/sig_238_fscan YRP/_FsHttp_FsPop_FsSniffer YRP/Ammyy_Admin_AA_v3 YRP/LinuxHacktool_eyes_scanssh YRP/LinuxHacktool_eyes_pscan2 YRP/LinuxHacktool_eyes_a YRP/LinuxHacktool_eyes_mass YRP/CN_Toolset__XScanLib_XScanLib_XScanLib YRP/CN_Toolset_NTscan_PipeCmd YRP/CN_Toolset_sig_1433_135_sqlr YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/Mimikatz_Logfile YRP/VSSown_VBS YRP/ccrewMiniasp YRP/MiniASP YRP/Anthem_DeepPanda_lot1 YRP/Anthem_DeepPanda_htran_exe YRP/KINS_dropper YRP/IronTiger_ASPXSpy YRP/IronTiger_wmiexec YRP/IronPanda_DNSTunClient YRP/IronPanda_Malware_Htran YRP/Trojan_Win32_Plaplex YRP/Trojan_Win32_Adupib YRP/IMPLANT_3_v1 YRP/PoseidonGroup_Malware YRP/liudoor YRP/BernhardPOS YRP/Unit78020_Malware_Gen1 YRP/Unit78020_Malware_Gen3 FlorianRoth/QuarksPwDump_Gen FlorianRoth/KINS_dropper FlorianRoth/Win_PrivEsc_gp3finder_v4_0 FlorianRoth/Win_PrivEsc_folderperm FlorianRoth/FiveEyes_QUERTY_Malwaresig_20123_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwareqwerty_20123 FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwaresig_20121_cmdDef FlorianRoth/Nidiran_Trojan_1 FlorianRoth/Nidiran_Trojan_3 FlorianRoth/Mal_http_EXE FlorianRoth/Mal_PotPlayer_DLL FlorianRoth/ScanBox_Malware_Generic FlorianRoth/EQGRP_create_dns_injection FlorianRoth/EQGRP_screamingplow FlorianRoth/EQGRP_MixText FlorianRoth/EQGRP_tunnel_state_reader FlorianRoth/EQGRP_payload FlorianRoth/EQGRP_eligiblecandidate FlorianRoth/EQGRP_BUSURPER_2211_724 FlorianRoth/EQGRP_networkProfiler_orderScans FlorianRoth/EQGRP_epicbanana_2_1_0_1 FlorianRoth/EQGRP_sniffer_xml2pcap FlorianRoth/EQGRP_BananaAid FlorianRoth/EQGRP_config_jp1_UA FlorianRoth/EQGRP_userscript FlorianRoth/EQGRP_BUSURPER_3001_724 FlorianRoth/EQGRP_workit FlorianRoth/EQGRP_tinyhttp_setup FlorianRoth/EQGRP_EPBA FlorianRoth/EQGRP_jetplow_SH FlorianRoth/EQGRP_extrabacon FlorianRoth/EQGRP_sploit_py FlorianRoth/EQGRP_uninstallPBD FlorianRoth/EQGRP_BICECREAM FlorianRoth/EQGRP_BFLEA_2201 FlorianRoth/EQGRP_StoreFc FlorianRoth/EQGRP_BBALL FlorianRoth/EQGRP_BARPUNCH_BPICKER FlorianRoth/EQGRP_Implants_Gen5 FlorianRoth/EQGRP_pandarock FlorianRoth/EQGRP_BananaUsurper_writeJetPlow FlorianRoth/EQGRP_Implants_Gen4 FlorianRoth/EQGRP_Implants_Gen3 FlorianRoth/EQGRP_BLIAR_BLIQUER FlorianRoth/EQGRP_sploit FlorianRoth/EQGRP_Implants_Gen2 FlorianRoth/EQGRP_Implants_Gen1 FlorianRoth/EQGRP_ssh_telnet_29 FlorianRoth/EQGRP_callbacks FlorianRoth/EQGRP_Extrabacon_Output FlorianRoth/EQGRP_Unique_Strings FlorianRoth/OPCLEAVER_BackDoorLogger FlorianRoth/OPCLEAVER_Jasus FlorianRoth/OPCLEAVER_ShellCreator2 FlorianRoth/OPCLEAVER_SmartCopy2 FlorianRoth/OPCLEAVER_SynFlooder FlorianRoth/OPCLEAVER_TinyZBot FlorianRoth/OPCLEAVER_ZhoupinExploitCrew FlorianRoth/OPCLEAVER_antivirusdetector FlorianRoth/OPCLEAVER_csext FlorianRoth/OPCLEAVER_kagent FlorianRoth/OPCLEAVER_mimikatzWrapper FlorianRoth/OPCLEAVER_pvz_in FlorianRoth/OPCLEAVER_zhLookUp FlorianRoth/OPCLEAVER_zhmimikatz FlorianRoth/OPCLEAVER_CCProxy_Config FlorianRoth/ONHAT_Proxy_Hacktool FlorianRoth/RAT_JavaDropper FlorianRoth/malware_sakula_memory FlorianRoth/Casper_Included_Strings FlorianRoth/Casper_SystemInformation_Output FlorianRoth/GhostDragon_Gh0stRAT FlorianRoth/GhostDragon_Gh0stRAT_Sample2 FlorianRoth/kerberoast_PY FlorianRoth/WiltedTulip_ReflectiveLoader FlorianRoth/WindowsShell_s3 FlorianRoth/WindosShell_s1 FlorianRoth/WindowsShell_Gen FlorianRoth/WindowsShell_Gen2 FlorianRoth/ps1_toolkit_Invoke_Shellcode FlorianRoth/ps1_toolkit_Invoke_Mimikatz FlorianRoth/ps1_toolkit_Invoke_RelfectivePEInjection FlorianRoth/ps1_toolkit_Persistence FlorianRoth/ps1_toolkit_Invoke_Mimikatz_RelfectivePEInjection FlorianRoth/ps1_toolkit_Inveigh_BruteForce_2 FlorianRoth/ps1_toolkit_Persistence_2 FlorianRoth/ps1_toolkit_Inveigh_BruteForce_3 FlorianRoth/Pirpi_1609_A FlorianRoth/Pirpi_1609_B FlorianRoth/Regin_Related_Malware FlorianRoth/Unit78020_Malware_Gen1 FlorianRoth/Unit78020_Malware_Gen3 FlorianRoth/APT_Liudoor FlorianRoth/CoreImpact_sysdll_exe FlorianRoth/IronPanda_DNSTunClient FlorianRoth/IronPanda_Malware_Htran FlorianRoth/DeepPanda_lot1 FlorianRoth/DeepPanda_htran_exe FlorianRoth/Empire_Invoke_Mimikatz FlorianRoth/APT_Malware_CommentCrew_MiniASP FlorianRoth/Metasploit_Loader_RSMudge FlorianRoth/Sofacy_Fybis_ELF_Backdoor_Gen1 FlorianRoth/FourElementSword_Config_File FlorianRoth/FourElementSword_ElevateDLL_2 FlorianRoth/PoseidonGroup_Malware FlorianRoth/apt_equation_equationlaser_runtimeclasses FlorianRoth/EquationDrug_HDDSSD_Op FlorianRoth/PoisonIvy_Sample_6 FlorianRoth/Payload_Exe2Hex FlorianRoth/Fidelis_Advisory_cedt370 FlorianRoth/WaterBug_wipbot_2013_dll FlorianRoth/apt_hellsing_implantstrings FlorianRoth/IMPLANT_3_v1 FlorianRoth/BernhardPOS FlorianRoth/Turla_APT_Malware_Gen1 FlorianRoth/Turla_APT_Malware_Gen2 FlorianRoth/Turla_APT_Malware_Gen3 FlorianRoth/APT_Project_Sauron_Scripts FlorianRoth/APT_Project_Sauron_arping_module FlorianRoth/APT_Project_Sauron_kblogi_module FlorianRoth/APT_Project_Sauron_basex_module FlorianRoth/APT_Project_Sauron_dext_module FlorianRoth/Invoke_mimikittenz FlorianRoth/APT_Malware_PutterPanda_Rel FlorianRoth/APT6_Malware_Sample_Gen FlorianRoth/Codoso_CustomTCP_4 FlorianRoth/Codoso_Gh0st_3 FlorianRoth/Codoso_Gh0st_1 FlorianRoth/Codoso_PGV_PVID_1 FlorianRoth/PlugX_J16_Gen2 FlorianRoth/NTLM_Dump_Output FlorianRoth/shimrat FlorianRoth/shimratreporter FlorianRoth/WoolenGoldfish_Sample_1 FlorianRoth/WoolenGoldfish_Generic_3 FlorianRoth/Hacktool_Strings_p0wnedShell FlorianRoth/Keylogger_CN_APT FlorianRoth/Nanocore_RAT_Gen_1 FlorianRoth/Nanocore_RAT_Gen_2 FlorianRoth/Trojan_Win32_Plaplex FlorianRoth/Trojan_Win32_Adupib KevTheHermit/JavaDropper
133121ea82269ec943847e04cb070109ca94612aed23a471868937f119ae8175	PE32	2019-10-22 14:41:01	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3 YRP/GenerateTLSClientHelloPacket_Test
6f15160778efbf7ea7ae3d232d90cc8a1773841745e4bf370df3860570bb49f9	PE32	2019-10-06 15:32:42	http://94.140.244.229/AA_v3.exe	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
4737f8ebab8dc2ea3e40f74d33f5efc190c2df9c3681b970cbb7fa47fe65d739	PE32	2019-10-06 00:59:57	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature [+] YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/rat_rdp YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
933d350fa8a2d8f61de162233e773dbd986ff5f0e41563ad02ea1745a3a65160	PE32	2019-10-06 00:59:54	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/rat_rdp YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
5b41b95037227e9d0fbf257d8c8625091b5430f23bf58dfcd0982fe1565732e4	MS-DOS	2019-09-28 03:49:47	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
4efcc22da094e876346cff9500e7894718c8b6402ff3735ea81a9e057d488849	PE32	2019-09-27 15:29:48	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3 YRP/GenerateTLSClientHelloPacket_Test
fe61102fa2585f276efd85b8a3becf5ca5b61aa2d19872a4e8bcdf4d47fe5d6a	PE32	2019-09-14 12:01:40	http://51.15.252.204/51/ntsvc.exe	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/create_service YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Ammyy_Admin_AA_v3 FlorianRoth/CN_Actor_RA_Tool_Ammyy_mscorsvw FlorianRoth/CN_Actor_AmmyyAdmin
8655fb0ba3e61b2285ec50145cb5f863c6af92482a6c939d63d62b9b1112c921	PE32	2019-09-12 13:59:19	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3 YRP/GenerateTLSClientHelloPacket_Test
dac65e13e6648d8fc6225a5fcdf52c881f8f29936ba03540c8ca83f15eba2498	MS-DOS	2019-08-22 12:39:07	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
cf764db35b753413ed0deae89667b6ef1b4289da095d6107f72c55bc5fdd5160	MS-DOS	2019-08-22 12:29:05	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
e1be61148719dd2790a794af4f0a2e0e890cd606dd57ab82db46db4e235e405e	MS-DOS	2019-08-20 08:48:45	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
c3843ef24712829edcdc18368b932cc6cfb1d763b54bc2799fb8bf5f2883c89a	PE32	2019-08-19 14:49:00	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
74cbc922b7146bb7720e7c2ed8982ed94fd46aff09c1f345fa2da644c6b73026	MS-DOS	2019-08-16 14:39:21	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
c5245ec37e0c2adc553378d3a29e357979e74c3d69518337f78f4e891ff5bb04	MS-DOS	2019-08-12 18:09:26	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
44714196518f67a0dcc504ae3d9d89fce2186509de37f9e859e04f4c1fe7548b	MS-DOS	2019-08-12 13:28:43	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
2b8d1c99f8a142009066d4de303c812e1954e3d5682afb9c7ad308b2220892b1	PE32	2019-08-12 07:09:07	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
acbd7f79c9f2feb692cc24c2959cfa8171358d4384eeb0d12799f68be7c52f27	MS-DOS	2019-08-11 04:35:33	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
3a765f48ecaac51f26e647ad8e99b60ce283c5139bd2807bbf9ea8444a69ea40	PE32	2019-08-11 04:35:26	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
9acf0eb34fdb22e2a4f16f5ce6b7d621964c762f034e692ad364ad93ed415504	PE32	2019-08-11 04:35:18	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
7e74629cd619a20bc462f6886653250a0cb852a35d45c800b1af55a837c4ebc5	MS-DOS	2019-08-11 04:35:10	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
22c118478d610df6b752b3ba90145b06c55a6eef0065cb9a77183efd36c1c46d	PE32	2019-08-11 04:35:03	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
999bd036bdac8fddb3d2ceea25f1d72f60654cd2fa8b9c40c0c6f77f106d3a0e	MS-DOS	2019-08-11 04:34:55	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
6d3c14b2ffc89a3470423fe7352597e8ed13a284ffdad3b6eb91f6f0bd16383b	PE32	2019-08-11 04:34:48	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
3a24262520692ab9a7d46d0a02234cd0875e3838fe587fc2919038dec6fbb628	PE32	2019-08-11 04:34:40	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
a6a784d6c824ccce4b5df216441e51d89d944f8cecb11c61ed9d2214e34684ed	PE32	2019-08-11 04:34:33	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
bd75c52f1a05319d161ceec266b35f9e873a0fee025a828dde8c2e396358f8e7	PE32	2019-08-11 04:34:24	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
5b15d3c877e7d322ab0b125d6406a6ba3533895072f9b2c93ee0108982888026	PE32	2019-08-11 04:34:16	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
961253ace6dcc67d3838916fa9467130545de942501b0213ed622990aea9a653	PE32	2019-08-11 04:34:09	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
42378488c1898f558375ca95447bab48dc4ba457ba98538623614d73726fe1e5	MS-DOS	2019-08-11 04:34:01	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
23f363898c0b2862c60e1ff4d63d6232a2e9b6daa9ab3555182d5f2322b8440a	PE32	2019-08-11 04:33:53	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
c746482fb5ddcafef838d84b0b3f14516bf937cc4e2e158835450c23b1a080d0	PE32	2019-08-11 04:33:46	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
118135dde73954772e630061ba19b93dccf0873a4bd58d81a9701c8ab4d06018	MS-DOS	2019-08-11 04:33:38	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
7acd4164374a84179dd894986877d1055c260e8b6e275406954f2fda7163af4b	MS-DOS	2019-08-11 04:33:31	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
1bbd166fde144d94f31a8a4a28a622b563976a7cffd8d5c4afa67a4dc6eb95f8	MS-DOS	2019-08-11 04:33:23	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
fa0838c5cd0655997e8744f1d8d14c281e7ff453beef2fe8d8c42a5f5a7600c5	PE32	2019-08-11 04:33:16	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
47f6bfb57a7bdd21039d880306a40dcee2f449eba69d8f2b12e809370eac2e30	PE32	2019-08-11 04:33:05	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
615db84b7b3d4bc7ecd5b370c6a85b54d0a0894381f346217d49efc25c35fc70	MS-DOS	2019-08-11 04:32:57	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
ed894decd18632d469cae29095d95ababba9ecbbadab40e633fd9420f1414a77	MS-DOS	2019-08-11 04:32:50	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
e20be09624bb0beb0b1ffb224d6cbaad0f009c38db05963cccad5a9140834fb4	PE32	2019-08-11 04:32:42	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
81c9aee2b6c6b63e2c68930510c87ed7977124f2f0296dfa2184e02ecff7d58d	PE32	2019-08-11 04:32:35	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
093a365602bb0e6224a9ad29cb892a1703f9be6bd46814f2d9a2e75fdb6b0a24	MS-DOS	2019-08-11 04:32:27	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
8eee6caeee4d01bdc8b356941716882b643457bd989d72225deb509062504b61	PE32	2019-08-11 04:32:20	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
d1dd38d0fa11ef3259062c85ba42995f52e92ce578302376380f38fffaa2430b	MS-DOS	2019-08-11 04:32:12	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
7cde3ba98d9e7d1d740852bf286b8e712df97d60f55a7fa13095e29a5b87c275	MS-DOS	2019-08-11 04:32:05	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
f9a668ae993528c1cfa43b952a529db027dd06bd27121fcfc8d4b36643319415	PE32	2019-08-11 04:31:57	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
415703ba552254cf82248ee9dd7d5913e441d39b5bb08e3a4324e66568ae0918	PE32	2019-08-11 04:31:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
9590631d4aa1da0da8c97e32681e4744edfca0cdc06431dd28c5466dcaa95eba	PE32	2019-08-11 04:31:41	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3
bb3a96a35bb5c3b4f91a7ca3064c09ce30210ce36cad54833b870044201693bd	MS-DOS	2019-08-11 04:31:34	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Ammyy_Admin_AA_v3

Recent Searches
yrp/ammyy_admin_aa_v3
yrp/bypassuac2
yrp/eqgrp_busurper_3001_724
yrp/sh_php_php
yrp/multiple_webshells_0018
yrp/installer
yrp/sqlcheck
yrp/network_irc
yrp/payload_exe2hex
yrp/windowscredentialeditor

Search

Recent Searches