MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
87216f15330710de0c1a0fefbef489b43621612dd55b59eae49cf8fa9a95efd7	PE32	2022-03-20 20:32:03	User Submission	YRP/IsPE32 YRP/IsConsole YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/bitcoin YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
7b40cc1f05bd9acac6388fc820c07d75bac5c28afc2c5372a8a85f3fa9c7794a	PE32	2022-03-20 02:07:32	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table
a53af96d0a2bddd88e420cde7ed8ea0f5ddebce17bb64ddadcf83af8ddc69f82	PE32	2022-03-20 02:07:19	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VM_Generic_Detection YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library
1596a4aaa170593fea113d81f195ddfc9ec1641de73b744813c375b93f6c063a	PE32	2022-03-20 02:06:38	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/anti_dbg YRP/win_registry YRP/win_token YRP/Big_Numbers1
deeb203da669b35540889cfe23590691251838951e28ed8c5ffe819eef50fe94	PE32+	2022-03-20 02:03:58	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/vmdetect YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers2
5f5c7a8767eb085cdbbdf6aa6d35643da374bfc42fe689b4dfeb7dcdb0637034	PE32+	2022-03-19 02:05:29	User Submission	YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/screenshot YRP/win_registry YRP/Big_Numbers1 YRP/Advapi_Hash_API
10ca6c341f4dd5eb2bd625309a740b0fc31c4f1894012b5abfb2e13491cf9673	PE32+	2022-03-18 02:27:15	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_http YRP/win_mutex YRP/win_registry YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
465af069b401fc9af0d00ff857afe2a44cfd4bac9efd1baeb77236699e52d885	PE32+	2022-03-18 02:13:45	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_Qemu_Description YRP/Check_VBox_Description YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
bd0f27fcc8f7be6d2c00fd068321421c58a863e7e2717dc5643a16c9d607180d	PE32	2022-03-17 02:21:41	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_Qemu_Description YRP/Check_VBox_Description YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
f92b66faf44977389d5624ded8225a36bbfd80ba2abae13597548d203ebbadbd	PE32+	2022-03-17 02:09:48	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/BASE64_table
378762ac844547ce9cf8319d9c8474de2d4702d62f50f583b5b07bbae4b96c28	PE32	2022-03-17 02:02:43	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/QtFrameWork YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
7a96c5a32badb9650faa842922ad545b7336a676f033e724c1bed574a7c9a960	PE32	2022-03-17 00:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
8c23ec3b0a74caa501379c862a71aa1daf8e4cb2199f5d3fd0472159ad4c66bf	HTML	2022-03-16 23:07:44	https://tria.ge/220315-yla8qadfhj/behavioral1	CuckooSandbox/embedded_win_api YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4
5c49f98d3516edf56c996c2da5f095a0b97df772a558bb2e9d5a5d4355adab05	PE32	2022-03-16 21:03:11	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
0eea7cc76d07908dd3e05947ea68f26e42eb884a0d7ea5119375b95b7b8cfea3	HTML	2022-03-16 11:17:08	https://tria.ge/220315-yla8qadfhj/behavioral1	CuckooSandbox/embedded_win_api YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4
67eff1dc0836f810382eff5ae6c3b92751dc1b11fc42481a0c66644efb470156	PE32	2022-03-16 09:00:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
a6273be8ac2cf9e0e1f27fab4df38a640facd740d7c10c552f26d35716bb10cd	PE32+	2022-03-16 02:49:15	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
57b0b6d4f2850d9ddda420ff1c1b4c0619a3a5e46810b0bb2151e191ea183d13	PE32	2022-03-16 02:05:28	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/with_images YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/BASE64_table YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
64e4acd4fed284a2de78f592ed262cb4f2ad5acda5106aa07f4011c9b32e1453	HTML	2022-03-15 23:08:28	https://tria.ge/220314-rwzkqsged5/behavioral1	CuckooSandbox/embedded_win_api YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/Misc_Suspicious_Strings YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4
d9c811eae2b07eca77f74ca45e1efee2a2c91add3f8606c489f526eb43f55287	PE32	2022-03-15 16:08:50	https://authsecure09averify.duckdns.org/2022....	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/anti_dbg YRP/network_dns YRP/keylogger YRP/rat_webcam YRP/win_hook YRP/Njrat
6c81124f30ad85f302d1d818aa396d3b2f035b9a4c74e22b5d9676975cd08f47	HTML	2022-03-15 11:05:44	https://tria.ge/220314-rwzkqsged5/behavioral1	CuckooSandbox/embedded_win_api YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/Misc_Suspicious_Strings YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4
108f634f4387261b860cae936a74ef2a4f29d4ce4a9c58e5066f1046a7985a71	PE32	2022-03-15 02:05:10	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d7450131c835b2df9dcea263bf7f73d03238698a63b6a6fe9faa35ea59439731	PE32	2022-03-14 15:03:25	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/WMI_VM_Detect YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant
86884e5bd9438eaa1f1997243647bc6a60ea922a7559d1d651e216d59a4283bb	PE32	2022-03-14 02:20:22	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
8a24fe0774a718159bb47c3dcb362fac92a93c968ba44acaed675187debc9e35	PE32	2022-03-12 12:09:47	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/disable_antivirus YRP/inject_thread YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/universal_1337_stealer_serveur
ef15652e03fcdea3b06e52075ef746ab75224b68476ed8bbbbedb63689dc3874	PE32	2022-03-12 02:48:43	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/with_images YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/BASE64_table YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library
705b4daf544f82a635abdc6826573cad7b3a922fdf7d1ff35f404a6a9c0d02ed	PE32	2022-03-12 02:46:22	User Submission	YRP/Safeguard_103_Simonzh YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
88754dc057dfb55aaca233f10d87da57e2c64494a2ee32b05082113f225b262a	PE32	2022-03-12 02:42:27	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/anti_dbg YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
f723cc3c8347a9586cb66353d36a33e8c9c3dfcf548d5db6e7001cee674348cb	PE32	2022-03-12 02:07:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/powershell YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/disable_antivirus YRP/escalate_priv YRP/win_token YRP/android_meterpreter YRP/suspicious_packer_section
27d8065cc18a8460521d01f1f6beef04371e4c30a8fafbdf21d032429227ccc3	PE32	2022-03-12 02:05:02	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/with_images YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/BASE64_table YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
44d3f0dac64bcb0afc7b2dce65f84689d6603078056db66f0a2eead69cff092a	PE32+	2022-03-12 02:04:28	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
b375967d95d53c271d9ec0c53a315f6e6dde924ac64f9e97545ae33a1526495f	PE32	2022-03-11 09:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9ce72a30d4f6edd1f3bb5060bbe9e029a2910b74dcdc18588810716b96816fe4	PE32	2022-03-11 09:00:53	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9954343d321e004ca91d545120342779badff504f07e27144a511640d19a90bf	PE32	2022-03-11 09:00:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6f338c5257bcb275a120e49879e6608dd3291ad7547f353812034990c36fe64c	PE32	2022-03-11 09:00:26	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
3e8e74d1eae290bdc15f21648c46eed660697cf1f40434442b00b7b05b8547c6	PE32	2022-03-11 06:01:50	User Submission	YRP/possible_includes_base64_packed_functions YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/NETexecutableMicrosoft [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VmTools YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_antivirus YRP/win_files_operation YRP/vmdetect_misc YRP/suspicious_packer_section
3610cb302d550931342613a302c16e99f4f5fcd30bfb9d2ec39dab128179ca3a	PE32	2022-03-11 04:04:19	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/anti_dbg YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/MD5_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall
6e7f8dc29296ce3dbe4bd445d2c7b97235f5fc831c60e42648c433d762fb8200	PE32+	2022-03-11 02:34:25	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_antivirus YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
284e2b99d057f2832205aa1729120a35b289caa173025d88f90435afac936ca0	PE32+	2022-03-11 02:20:36	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c254f6c89b101125e36661773c7df253d7c908d72bf0a01d8873fb192ff2e96b	PE32	2022-03-11 02:16:27	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
402279349289b216313010255009700d89664f3c8de9fb87d1d69010c514131b	PE32+	2022-03-11 02:09:23	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
99ce91a1a84d1bf2c2cd4d87f9c40446b921b70bc78d2e979f3278dc2ad95d80	PE32	2022-03-11 02:09:11	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature [+] YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Http_API
47a81b5132d7251264a4fea7f56ebc486e6efe0b84181c789504bc237f941279	PE32	2022-03-11 00:06:26	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/WMI_VM_Detect YRP/anti_dbg YRP/antivm_bios YRP/network_tcp_socket YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
23dd16b43bcdcf1452a955ce9f2e38f76b629b8b1ecb5556c5feec5fc320aa40	PE32	2022-03-10 02:32:04	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
24b305b7fcd686c98bc9d4fbd3694522044755ac765770c3d7c27c2eeb1c01df	PE32	2022-03-10 02:31:34	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/network_tcp_socket YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
82bbb8b04e2ae7494caae6d76c57f7f81d1cfe94d51a7b9fc2cfb5c93357f9c0	PE32+	2022-03-10 02:29:21	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_registry YRP/win_token YRP/win_files_operation YRP/BASE64_table
3c8acfa90eed5ab18fd669bea9d494d9fb96f964d9040ee03ff9889dbaada294	PE32	2022-03-09 21:00:13	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/WMI_VM_Detect YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant
1f542276b6f409ec9ba782579fb87b75c7e5b4a9ae5bd79d0afea4c04d3db0a6	PE32	2022-03-09 10:04:16	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/bitcoin YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
9962a47d1e99769d579b69dc996741349da69a5ba42db5b9cbac38897fe7470d	PE32	2022-03-09 02:22:37	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/with_images YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_FormShow YRP/DCP_RIJNDAEL_Init YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/GenerateTLSClientHelloPacket_Test
5e7cf38f949754eff8f7c69fb43714098539eec01db3a0061d76a5b2e94e61a3	PE32+	2022-03-09 02:15:36	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
40cfa0789dc3f55a42291a2482fafefcedea6eb0a1ecc785f2bad35b7298d019	PE32	2022-03-09 02:13:47	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
f520d56178dda9a24bd327186c092b11782cbe52fd035cd9585d105958676a68	PE32+	2022-03-08 02:35:08	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/anti_dbg YRP/win_registry YRP/win_token YRP/win_hook YRP/Big_Numbers1
35f4f03683cdfbe92e04a280c8a298acbe9dc092a7dbabb6552239be5be74c1a	PE32+	2022-03-08 02:35:01	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/anti_dbg YRP/win_registry YRP/Big_Numbers1
d0a680010b9cef10030bc850924e60bcd7759b6c6a6ca4834fba09dac50dd12e	PE32+	2022-03-08 02:34:55	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VM_Generic_Detection YRP/anti_dbg YRP/network_dga YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
6bab4b7d058fcda41f6c89fe0d2bc93faebffa71361a1b7b98e6e70b58714ddd	PE32+	2022-03-08 02:33:58	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/anti_dbg YRP/network_dns YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Http_API
639a9e9edaf77593002bb3687575c9ef1c0daba5c76073d1d00ec5ba56428e54	PE32+	2022-03-08 02:33:47	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VM_Generic_Detection YRP/anti_dbg YRP/win_registry YRP/win_token YRP/Big_Numbers1
21983442bdc47c448e3e2ae4aaf7c9770339b306594d34d07dc790496f19d68c	PE32	2022-03-08 02:23:35	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/anti_dbg YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation
29d4b6ba5ba0d74f8ee886714f44ed62bf8efc92eb2b07f39de45323fb4bb505	PE32	2022-03-08 02:15:46	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
2b86ebd93194dee9a82c79736b58862ce9c5d861adb2e6be612b33a7ff23328e	PE32	2022-03-08 02:14:33	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
98ce3d6ce371e79ff059a6769f1a69663f9c4e10a3077dd71fcdcfc3cdcd060d	PE32	2022-03-08 02:14:18	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/with_images YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
402a7cb7e66d7868a933715747e1437af89ad90e8a19274d2c5e0ff1b0363f12	PE32+	2022-03-08 02:12:00	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
22dd8e1c31161a3f381a04c7899440731124c20871a5bd67d84ca447f4db8a36	PE32	2022-03-08 02:08:27	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
3d39c5b9b191644a74c9e310d06b67edbe920cf16001257047c76293c4965ed7	PE32+	2022-03-08 02:05:45	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/anti_dbg YRP/win_registry
ebf0714be6323b17e7e340e9f98cd3e9386d537aa555d1e7d654d6c6095bf1bf	PE32	2022-03-08 02:00:12	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_60_70 YRP/Borland YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/with_images YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/BASE64_table YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
7aae8d6047d6635874d9ec315a023918d172e7151f0e191d3c922871a7fffdf4	PE32	2022-03-06 21:04:39	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
795441cb22dd9890feb55a429a83200c4e041f8b5e6a9ea68642d667bd93422b	PE32	2022-03-06 21:04:33	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c1c996b5c3c0c5bc79a8bdc81cce4b677526c1cd356635c5d3ef5d2c4340309	PE32	2022-03-06 21:04:22	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e1a0753e4f6cdc3c0d76bf398e51caf1fc2832e7f2680ef4edfb3c085fcf7ee1	PE32	2022-03-06 21:03:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
17b1ff82f6fdf389b7ad59c0f8f3dd8bb8a0066a10382ac4802faa5c69ba8e32	PE32	2022-03-06 21:03:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e04abe63720769a5c9aed0a9b49990dd78a4cfc9ebaf7abe9a219ac39eba6620	PE32	2022-03-06 21:03:37	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d8b3205d3aca558dba905ea3ae8e8a489010b7aa27d46c2edb79294970688d53	PE32	2022-03-06 21:03:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d897d8221b8eb76d188ff014c0a7000e343def3f3656de106a2332dfb525b10d	PE32	2022-03-06 21:02:59	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f6d31943805f4b5442a1f1b64dac9bf221517e94732975f3b3a9977b1c58b565	PE32	2022-03-06 21:02:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c1bf03b66f471fea058779ece423d80ff9602122a67a0f89b5a506c1881f92b3	PE32	2022-03-06 21:02:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bf3707f3452afea0c36daa35a9b5733c51fbe55bea56fa25403fda296df03404	PE32	2022-03-06 21:02:31	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bb024552fee19d91554c034fc3b95ee5c0f7401887d2fef0f92692614f2292c6	PE32	2022-03-06 21:02:18	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b7f29f65d82ff24a750ea3539590bf3bb1f70748bb9b9ceaa3f6e09ff32a1123	PE32	2022-03-06 21:02:12	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bba47eef1547016da382b82802c5829269393f144c577b8ec8f4fbe870dbc618	PE32	2022-03-06 21:02:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b974d40a94585eaadfc7f64a55de3a2ab4a42adca3e4d39a09092434ae42ef44	PE32	2022-03-06 21:02:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
afaf667854e5e5ab435421d964ed2ff892068f16cdf2338422a977316e740751	PE32	2022-03-06 21:01:54	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b396dcdd2293ab25e4872acfca750da24c0932fae58d417c221246bb68e624a5	PE32	2022-03-06 21:01:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
ae959ec221035442e7391bdadcd326a02a1117c00baedbfde9cab31b23f6efdf	PE32	2022-03-06 21:01:41	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
a7b7e1c7ad47732718161378ea12e56fd30463ffe63bbde6e4b89262fe72e87c	PE32	2022-03-06 21:01:27	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9fabe904c834ce18def4f058cd5c04367db9cc3714963eca1afd27992eac3101	PE32	2022-03-06 21:01:21	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c93a4ec7b5f9ba28d3c86b53f1766f5445ecb9b17dc39091046b04e55d9083a	PE32	2022-03-06 21:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5a6c12a58a90a144d69916c776baeffdbe446f963322d0b1c060c40015bbbc74	PE32	2022-03-06 21:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5339ed1ce76d0c89e3800cc10e6049164770870c046d23d2b626a5a3e8c4ae8d	PE32	2022-03-06 21:01:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9a7654ccf7e364dee40625a625f28fd5074fb89af80292a2cc041fb304bfc9a8	PE32	2022-03-06 21:00:55	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
52a7b69c291f1fc198f0585371d35e6d013126ec8bf8416ff19dec0df5abb794	PE32	2022-03-06 21:00:48	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
52bd68ea60e7171ed2413cd5292b74ac9872928a1a723405fb73ad57419c5bc6	PE32	2022-03-06 13:01:58	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/WMI_VM_Detect YRP/Big_Numbers3
216c960ac6ef399e7ff33b18c03777237ced76d59ce0f8bb4d5f9a22e85b3bd8	PE32	2022-03-06 13:01:30	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_Studio_NET_additional YRP/NET_executable_ YRP/NET_executable [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/WMI_VM_Detect YRP/anti_dbg YRP/Big_Numbers3
3c5a8e9820b549a70a353997bbce4fe16956dbab22dedde2f358f0f10930cf44	PE32	2022-03-06 13:01:23	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/WMI_VM_Detect YRP/anti_dbg YRP/Big_Numbers3
f6104fedc03b99ac01cb442bc160035fbc40457e53b1886c7fb9a4603eb02648	PE32	2022-03-06 02:45:31	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/ppaction YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/anti_dbg YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library
26bcedc0e573911a13652aaf2faaad16323b3994dd648ff9a5b6514e388197d1	DOS	2022-03-05 23:01:33	User Submission	YRP/powershell YRP/domain YRP/url YRP/contentis_base64 [+] YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings
5134ae821c71e4eeae5ab011ec490a65c0edf236a1075b5ac72fd73b759f77c2	PE32	2022-03-05 02:44:22	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/anti_dbg YRP/antisb_threatExpert YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
8754c6ba234aedfd4e1c3f034c76926d636ecdfa4dc24593af4f22675fdf3baf	PE32+	2022-03-05 02:10:23	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_http YRP/win_mutex YRP/win_registry YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
a87d10a3995ea6db62f65541511ec819a2574bea0effe46ce28646bf262a3d57	PE32	2022-03-05 02:09:41	User Submission	YRP/possible_includes_base64_packed_functions YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_antivirus YRP/network_http YRP/escalate_priv YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
37b987a9f9a10dc07da2119d9846446d7f2a76ad0417cfe9a19fc4b9fbc9d688	PE32+	2022-03-05 02:08:55	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/anti_dbg YRP/screenshot YRP/win_files_operation
9ec8f988ff41765b68c6a4d29d259fafb62e97ad2d3633c43fbe0ab0dd12518d	PE32	2022-03-04 23:10:03	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
808af4d916765973110932dcfb5c7acd49e776a130badb1d3bc4c92ab7d9801d	PE32	2022-03-04 23:02:46	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library

Recent Searches
yrp/vm_generic_detection
yrp/bobsoft_mini_delphi_bob_bobsoft_additional
yrp/autoit
yrp/delphi_random
yrp/cred_local
yrp/network_smtp_raw
yrp/spyeye
yrp/spreading_share
yrp/petite21
yrp/netexecutablemicrosoft

Search

Recent Searches