MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
f58bd6b6c64090d9524b4fa251de97037a1fd58ea30277c03507450f9d4d925c	GIF	2022-02-24 08:45:23	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64 YRP/SEH__vba
4d61280e896a519e4fdfff24346065ac82904b26f84008e6db49dc1b23bd83d2	GIF	2022-02-24 04:39:03	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64
b4f4bde7121446554ca6e1d37809838a6894f7c8e8306c6f97afa553ebd3300d	GIF	2022-02-23 18:17:08	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/url YRP/contentis_base64 YRP/SEH__vba
d0d141d5e77a123698a6d2ad0955798ef2c61ba9a2bc330f738653f69b0dc619	GIF	2022-02-22 13:04:27	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number
4216f63870e2cdfe499d09fce9caa301f9546f60a69c4032cb5fb6d5ceb9af32	PNG	2022-01-28 10:01:46	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation
7f3b69e325c39a2357be33f07a4a20fd5e52bb88c9c89632769d3f3317f6f731	PDF	2020-07-08 17:01:53	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/ThreadControl__Context YRP/anti_dbg YRP/escalate_priv YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/VC8_Random
0c4dec41af027a6bc72a02a1fbd5b79ea7ce44b6beb5dc2f85951cb7c66e32d2	GIF	2019-05-04 17:15:48	http://159.65.31.204/flor_dumal.gif	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/contentis_base64 YRP/suspicious_packer_section
cbe17a1437ec00fdb642662ece2f58effd84e5d4d1f424b592a1468f40e034b9	PNG	2019-04-23 16:45:48	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/network_dns YRP/Big_Numbers1
255affff74d026fde13f1e9c6bb109b344f9083bbfe265bb8821ab511e15a88e	JPEG	2019-02-24 12:51:47	https://share.dmca.gripe/rWZlAsctle4LlKfO.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
146ebe7371e4dfc590906278502928ed7d057a67a834a761dccac81dba6396e3	PNG	2019-02-15 13:33:26	https://share.dmca.gripe/01lY60RZli5nCIya.png	CuckooSandbox/embedded_pe YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP [+] YRP/contentis_base64
3c6dde0cef97ebc012e8d9d30d720bb6c6b32feb7b0d39e57d4774fffe0d3c7a	JPEG	2019-02-13 01:36:44	https://share.dmca.gripe/zbMedrxHFFE9bp0r.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Big_Numbers1 YRP/Advapi_Hash_API
0d48e7c8cf4edc8fd0fb6763e97afa45b8ef2703c2adb6b4a71219934411b4e1	PNG	2019-02-01 01:44:17	https://share.dmca.gripe/1uyCdHGCBWOJumQM.png	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API YRP/CAP_HookExKeylogger
6e14f2f03faeee724eb2fe7c6e563c6c02ef700c4408ab59b4b14856603c0859	JPEG	2019-01-24 00:56:54	https://share.dmca.gripe/IujfcYbdpBWFFLKi.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
277a275b933289cc1f9955a1629b33646130454768078c47043261cbb147cbd0	JPEG	2019-01-20 12:50:21	https://pomf.pyonpyon.moe/ggesuy.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
576686cd7e5220e093e590afe8530cc4df052e34b1b21ea8a8b547ac4d39e106	PNG	2019-01-20 12:49:59	https://pasteboard.co/images/HWgDFYp.png/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e013647b22476294f4abb799aefbc9aee49b786ecaaecf2f5a63c035c2354036	JPEG	2019-01-12 12:49:54	https://share.dmca.gripe/mWeneyIveXmYjSKT.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Qemu_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Advapi_Hash_API YRP/CAP_HookExKeylogger FlorianRoth/Quasar_RAT_1
605e80f96b778e3b81aa785a43623e7052896da4d94eea60d0e82edfecccab28	JPEG	2019-01-10 12:47:25	https://pasteboard.co/images/HVjbP3R.jpg/down...	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
e3de6a0d457feea45ebd441ec20ce82e47f52b89634b4632a1318d851dca26cd	JPEG	2019-01-07 13:02:26	https://pasteboard.co/images/HVb42Yz.jpg/down...	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Big_Numbers1 YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
46b52f28d0eea20226f6f6a6c3ac7e85403c7586867d4f9946f3bd6e5b4c220e	JPEG	2019-01-07 13:02:23	https://pasteboard.co/images/HVbB1pM.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/antivm_vmware YRP/Big_Numbers1
cbed58b9348d3607aca70ef0b09bd061db33faf38d19ba1d3c369f0deceab83b	JPEG	2018-12-26 13:06:19	https://share.dmca.gripe/hKXzWhYBDZRL9obi.jpg	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/RIPEMD160_Constants YRP/SHA1_Constants
0f3789714f38b36d13b75cad7d3c85bdc1d581fe630b767ab8e18b1203452c44	JPEG	2018-12-22 12:48:45	https://pasteboard.co/images/HSk9gWK.jpg/down...	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Njrat FlorianRoth/Quasar_RAT_1
fd32e2c18bae25ae2af501718716f0a5e1bd42dad75d7fe2ece0e7856f7b32d1	JPEG	2018-12-22 12:48:42	https://pasteboard.co/images/HSAFBZI.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c21934fa02df81dd16264180ad4568f7a01a93b94db2dbc21a00b1af31b8139f	JPEG	2018-12-22 12:48:39	https://pasteboard.co/images/HSALBfU.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table
b77bc0f30f2fea7951e45af1e17899b667acf7e5680a4de549cdd3f8a7a5b04d	JPEG	2018-12-13 12:55:40	https://share.dmca.gripe/6FoKtg4X5Y7FuV7r.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CAP_HookExKeylogger
f3609d538e9e1942c9fefb09afdb780a8b39c28b65ebb548610e911b59a56e61	JPEG	2018-12-01 00:54:27	https://share.dmca.gripe/3MPMOJEMMqUSlT7v.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Big_Numbers1 YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
0013f4b75467498754b6623f2edc01fec6097bbee268f4af339380314ed28b8f	JPEG	2018-11-26 17:58:59	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table
c902f075a02afbeca1b1a28eb78c8766d128212d1b77c764c7fa32658113f657	JPEG	2018-11-26 17:56:43	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
e5f728fc2350d59199e1e026989ca7ee836fd348f7b8edcc8acc5b463ef8d147	JPEG	2018-11-24 04:51:24	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
d97733149b014b865a4390dfa65080e9d316573da7fa1e4a8a7686c30c0e75fe	PNG	2018-11-17 17:51:24	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
5941ccc6bbfd03eed5734b1a04808092b4e182b46d598a69658d478f98e6d068	JPEG	2018-11-17 12:45:14	https://pasteboard.co/images/HMTQPDK.jpg/down...	CuckooSandbox/embedded_pe YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/Big_Numbers1
2b84323128d2e32a884cda1275cfc04b3ef4a7aee4fee0ee0a55e128a896fd70	JPEG	2018-11-17 00:46:49	https://share.dmca.gripe/YDasoIUOvRqFZyAR.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
c84e47b4de3b120f8585527e3bcfa48597eda839e496265229e5c3de2c4f5317	PDF	2018-11-13 09:15:45	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/android_meterpreter YRP/Big_Numbers1 YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Mirage_APT
9514d0478875cb04cfdbb129e7dded67f6d7d599733095a39bc8737a1016febf	PDF	2018-11-13 09:08:55	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VMWare_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/network_http YRP/network_ftp YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
4e43764bc78d8134e2bd4e9daff085e5f20d6b51c1231fe0f21a6828f6b694b4	JPEG	2018-11-11 12:50:03	https://pasteboard.co/images/HLoGpNO.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/disable_antivirus YRP/hijack_network YRP/win_mutex YRP/Big_Numbers1 YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/DarkComet_1 YRP/DarkComet_3 YRP/DarkComet_4 FlorianRoth/RAT_DarkComet KevTheHermit/DarkComet BAMFDetect/DarkComet
5cbf405257c900544c54811efc3d68b2aae8293761017b7f7a42ac25f3b1dd31	JPEG	2018-11-09 20:41:22	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
1784873f290f4a471a497bd1503bf866dd3fa64a7eb5daab80a9ff50b679e7a5	JPEG	2018-11-07 17:22:11	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
4953be471fc95015e84c6bfe646ec994e196e19e38af7ddfdee1ae77a7f5f31a	JPEG	2018-11-07 13:51:13	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
10a8da9d2748f65153c460440d474bef967524a909a18719741be90e0128c6f3	JPEG	2018-11-07 13:51:11	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
30eacdb2d9dc6f6c9c46f8fa6e12266cd56f491ac4b3e2f211987194cb85c82a	JPEG	2018-11-02 11:31:28	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
e709371ef6e5aefcd8c1fa7610824db87661d5fc562e479463bbe3aba8e31605	JPEG	2018-10-17 12:46:42	https://pomf.pyonpyon.moe/phjacm.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
45163e7dce8a6c42873fcd2ac593f944683b0b8e8a969907c404dad17a39e8ce	JPEG	2018-10-16 12:52:45	https://pasteboard.co/images/HIzhg49.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers1
40627a073ee76b332b6235bd9c80583bef8d233a16f055bede2848e75e76bcc7	JPEG	2018-10-11 12:45:12	https://pasteboard.co/images/HHKrjPX.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
c2f02f35a8013d3ee208cd061cac5cff4e5a0e34035c2404c68cd0366768553f	JPEG	2018-10-04 12:46:58	http://myblogforyou.is/1/I/AJNyO	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
9e3cfeba3cc5241768e05af0aec3d32e99a52de57f3cadcf437af49543ae6bf8	JPEG	2018-10-04 12:45:12	http://myblogforyou.is/1/I/WSrFP	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
b4bbf1624f92dbe4801cf3aed82ce5fe53076291d8c3587844d9c3bc6e925cd0	JPEG	2018-09-29 01:49:15	http://myblogforyou.is/1/v/iBjr7	CuckooSandbox/embedded_pe YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP [+] YRP/contentis_base64 YRP/Advapi_Hash_API
6fe2e6064019087e2ebcb847985ebc870f58110eebb3cbfdc8853ed142235c1d	JPEG	2018-09-24 13:07:07	https://u.lewd.se/l5ogCo_RQbUTBOG.jpg	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Base64d_PE YRP/ThreadControl__Context YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Delphi_Copy YRP/Str_Win32_Winsock2_Library FlorianRoth/RevengeRAT_Sep17
d1fa0383d08c339169f7f1a36577d1c382683dcd61ae071eb4ded0e539db61c3	JPEG	2018-09-24 01:05:13	http://myblogforyou.is/1/v/Zamb4	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
e5895bc4245d71194737d832f9c08923dd5a8bcce3775c91d0d1dbf01b802420	PNG	2018-09-24 01:05:09	http://myblogforyou.is/1/v/yyYXl	CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/Big_Numbers0 YRP/Big_Numbers1
566dd15bf0e06139c8d166e1d2bda0afaafee5d2d3479522e7df6d543711d0c8	JPEG	2018-09-24 01:05:03	http://myblogforyou.is/1/v/7Lj97	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/maldoc_getEIP_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b2af8e7d2574dbe96443395b2f497e452efa762702597733976ceec7442c5a1b	PNG	2018-09-24 01:04:59	http://myblogforyou.is/1/v/pZDcK	CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/Big_Numbers1 YRP/suspicious_packer_section
1f2edba3d2678d4fbb1de3cbdfb0b95ee3a88a954aad6ae55caab21710cfd0bd	JPEG	2018-09-24 01:04:54	http://myblogforyou.is/1/v/KKnS6	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/screenshot FlorianRoth/RevengeRAT_Sep17
841774a3b3bd48878bce6aa3a9f3d83a29269e4800ed34ad69169574b24e7afd	JPEG	2018-09-06 12:49:31	http://myblogforyou.is/1/v/sWQuF	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
bf2d3bf4dff161fff94b898997412813830d2b133a3f1029a400001b8e629c64	JPEG	2018-09-04 12:45:58	http://myblogforyou.is/1/v/Im6gk	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/maldoc_getEIP_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/CRC32b_poly_Constant YRP/RIPEMD160_Constants YRP/SHA1_Constants
599e752255536a75a2637a1d3e958b2a6f158044957892abfd504b892af8872d	GIF	2018-09-03 12:45:33	https://u.lewd.se/yobBS6_auSrdjHn.gif	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API
80c611e3a345ba7da6e6b404256564e8d73f588a29606722eb6651754f1fe60d	JPEG	2018-08-28 19:10:23	http://u.lewd.se/OugalZ_MVAMlJzd.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
58aca30bef62c93cce3fc621f3766846a97072e7fc17fb1816a9a6a8cb99441e	JPEG	2018-08-26 18:19:47	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
2b3f133a7088dc214a2335789d1d4bb2674107977d6b598b565928075a39ed04	Rich	2018-08-20 12:33:15	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/RTF_Shellcode [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Misc_Suspicious_Strings YRP/network_http YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
aed41c0b00798f9eb8059387321b099dd8b10fdd0f7400eb129abe825aca4d02	JPEG	2018-08-10 12:46:57	http://mydocuments1.is/1/T/TIsas	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b715351bf8dd8929047b2005d5df02873d10907e9a74443f6357b56bde32448f	GIF	2018-08-09 12:48:32	http://mydocuments1.is/1/T/9VNRx	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
9dea34a4df20f3e2392f92d2f26dad88ba66827269431aa824c9aa8a0b80289b	GIF	2018-08-02 12:51:14	http://mydocuments1.is/1//T/n2wlA	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
4fe7ca89f2895947e3019b65dfa45698f7258afe355903d9f61e3b37dad65301	PNG	2018-08-02 12:47:45	http://mydocuments1.is/1/T/MCzNI	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API
6367bae69599346c1a0da1294aad4e55171cfd8ae89f0bdae254b1f47c1ecbc5	JPEG	2018-08-01 01:01:05	http://mydocuments1.is/1/T/48hzc	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API
71bc932c04a8721a4983292bfb8ef1af6bde6ac417c39eb8d2f45c7d53e3a1ee	GIF	2018-08-01 00:57:44	http://mydocuments1.is/1//T/nIx3w	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
cafe056d5a4e2003bd8abd304689e2694c48463c50f3a2989bb6200100d6aead	JPEG	2018-07-31 12:45:49	http://mydocuments1.is/1//T/p6lGQ	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/BASE64_table
b815d635f2613e75fd091f933cfad8b62b3b8befb26b51bdaac908a940e927b1	GIF	2018-07-21 12:46:23	http://myfiles123.su/1//v/hkW5GDQ	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
381269828c04f699e43720978dd0548e7fe2d912fd058c73d425c8c720f8ed61	JPEG	2018-07-21 12:38:34	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
f40de7cd027a8bdd2cabd6d53dffaa3e3e9e5a0d1e7304625d5d26a08cad1e10	JPEG	2018-07-21 12:38:32	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
473ada0521be755450d5622936cf96433bd8ce71d947186abb82b1d7b8c958c0	PNG	2018-07-21 12:28:59	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
1080ff2f42deb1242248f5189e7061e4fedf2a7caecf437e80e5337be73d4b6f	JPEG	2018-07-21 12:28:54	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
f72b7bc0eee496e6c5ccdff7a22510d8874efc0f3ff1692d059424923c782117	GIF	2018-07-21 12:28:48	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
7ae85c632decf80f30cfb133abbef989ddcc005813b1d8427e692b948f6a5231	GIF	2018-07-21 12:18:41	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
63e396569f3f76bf03d0d6b8fe6e8e19be6b6ea08e4fe063c48e67ce66276e38	GIF	2018-07-21 12:18:38	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
ef0bd4239aadc6fb69c556a7332b3d4b799da5b34d89a9f5453f3e946b52ff42	GIF	2018-07-21 12:08:33	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
eb31f13fc0df53a371ebc21a9d9a446a78e771bb25e04227117ade561a059cfe	JPEG	2018-07-18 07:58:43	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b92a4c45fdd1c1629543710d6968433ac3bd8fce65f6e5da361302edccd26777	GIF	2018-07-17 20:39:25	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
d915ff96791d66329532fd947693fb69ebf58e34c86aca688004cac3da3d5db8	PNG	2018-07-14 20:58:57	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
87230b8a15e04d6cc7ac507b56fc7843efd318b18da961e7bfa82ea5bfe579ce	PNG	2018-07-13 09:08:39	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
86f6b6ad8dad4b48361d74b5c459c206a46d3349b4574186e29e8d8161bba2f7	PNG	2018-06-26 01:13:28	http://uploadtops.is/1/f/HTVac8C	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Advapi_Hash_API FlorianRoth/Quasar_RAT_1
88c37e8c8e7800d2be240c327bdc665807f2d81e042626f17e30cd0bbbd90f27	JPEG	2018-06-19 04:48:18	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
79d555659e7af451b825de0aa682eb802e362ce0eae7d3c031216c3fe1f5f3f2	PNG	2018-06-09 12:45:12	http://uploadtops.is/1//f/H2ZR1Tw	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_token YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/with_sqlite YRP/pony BAMFDetect/pony
34ecb2e7cf71f79a4d0c3c54d56ff13a951501fac9ff9199dc72c85a5fc9c94a	JPEG	2018-06-06 21:37:53	http://uploadtops.is/1//f/6W1igEE	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft [+] YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
dd84a432ee41c9ca24c3dd02ee12d87c3576f03ed4c9c0ae2df7cc1f6537147f	JPEG	2018-06-05 16:48:07	http://uploadtops.is/1//f/atJVMoh	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
4536648956bb0d2726bc01b6dc44d25492dee7a57e70646b9c2f9352252da039	JPEG	2018-06-05 15:48:54	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
06ea1e94aca7915d5aa42c26ab3770f5684fb27dda58758d018465d6322913b0	JPEG	2018-03-19 18:26:42	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite

Recent Searches
yrp/embedded_exe_cloaking
yrp/pseudosigner_02_upx_06
yrp/telock_10_private_te_additional
yrp/vcasmprotectorv1xvcasm
yrp/pe_protect_v09
yrp/nspack_v34_v35_liuxingping
yrp/software_compress_v12_bg_software_protect_technologies_signbyfly
yrp/moleboxpro_255_mole_studio_h_additional
yrp/pseudosigner02peprotect09anorganix
yrp/themida_1201_compressed_oreans_technologies

Search

Recent Searches