MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
4eed1a24193150dd30bce0c729da09759aa314f152966b2ccecfbb6da65619f9	Composite	2022-03-20 21:22:20	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/maldoc_OLE_file_magic_number
362ca2559d7ef895a8566f15418bd2ba91894d6ae55a4d30e5d4e98fd03d45fc	ELF	2022-03-20 21:00:33	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
bff03750334b1e3cc5edda99a795459ea63022a26ee98f00d33341dfad9e7b6f	Composite	2022-03-20 20:36:22	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/maldoc_OLE_file_magic_number
d0062f473c4350dc934752dc4f876c962eeb1c43968647695460f4c8ed629a46	PE32+	2022-03-20 19:01:02	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/win_files_operation
fd5616d669a89ba643bd4cc035d4d1924a71b11618cd61c8e783de746753b62a	PE32	2022-03-20 15:39:25	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_files_operation
e840cc03f3a65cd2507fabcc876b5a4fb42d66bfe0ddb7f28280183bd4f75040	MS-DOS	2022-03-20 14:54:14	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Shifu YRP/suspicious_packer_section
d013be1440f64e234c7631f2a3bb1b4d7c12bcb97d3804dc0e66753cde13ebc8	PE32	2022-03-20 14:02:15	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/maldoc_indirect_function_call_3 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/MS17_010_WanaCry_worm YRP/WannaDecryptor YRP/NHS_Strain_Wanna YRP/Wanna_Cry_Ransomware_Generic YRP/WannaCry_Ransomware YRP/WannaCry_Ransomware_Gen YRP/WannaCry_Ransomware_Dropper YRP/WannaCry_SMB_Exploit YRP/suspicious_packer_section FlorianRoth/WannaCry_Ransomware FlorianRoth/WannaCry_Ransomware_Gen
beafa62df10a1c9a82e89bab66b87fe1b2da65cbd553676f8c4358d5a92d3229	MS-DOS	2022-03-20 13:27:04	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 [+] YRP/domain YRP/contentis_base64 YRP/Big_Numbers1 FlorianRoth/DragonFly_APT_Sep17_3
bb44a88339e83bc2ecbd06edef1acf6c54e66c4c4922005a67c27f970f717075	PE32	2022-03-20 13:19:29	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_smtp_dotNet YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32b_poly_Constant YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/CAP_HookExKeylogger
b99e0b750b3815fec3b292ede3f94524c8bede7d158334295e096518e9cde0ad	PE32	2022-03-20 13:16:12	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__RemoteAPI YRP/anti_dbg YRP/inject_thread YRP/network_udp_sock YRP/network_dns YRP/Big_Numbers3
b32bc6d8b506b75ee68f7184a0a84eb6afc24b4514d9073b55c67d7b95354553	PE32	2022-03-20 13:01:01	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_smtp_dotNet YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32b_poly_Constant YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/CAP_HookExKeylogger
a6196179c44372989a82cd3bc60a87262a4bb6a583f6aa38789b4ecafbe5c7b8	PE32	2022-03-20 12:30:34	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/create_service YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/MD5_API YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
9b233994400898091ccf11650beeab0d234ca3c9c5472dcbaa95360eb14d5516	MS-DOS	2022-03-20 12:04:44	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize [+] YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/Obfuscated_Strings YRP/win_registry YRP/Prime_Constants_long YRP/RijnDael_AES YRP/BASE64_table YRP/VC8_Random FlorianRoth/WiltedTulip_ReflectiveLoader
84b87be120ec7d63af6e791e1642c63d4d83c09a1726f3b036c19547ccbef6be	MS-DOS	2022-03-20 11:18:33	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/ThreadControl__Context YRP/anti_dbg YRP/inject_thread YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/RijnDael_AES YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API FlorianRoth/WiltedTulip_ReflectiveLoader FlorianRoth/ReflectiveLoader
8270d45e0ff9f3bf19cb0bcaf72e21190d3c404ccd79e7b773b4ba3b915f37cd	PE32	2022-03-20 11:15:03	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API FlorianRoth/ReflectiveLoader
6ad2831339a2a6fc8d140c8718cf38fabef9915409bd32cd86221b515b4be629	PE32	2022-03-20 10:22:45	User Submission	CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/VMWare_Detection YRP/vmdetect YRP/network_tcp_socket YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
7f7ebad193f76acfd76deebe1f9614da18537896e0e6b04d7873cd486f0cf4fd	PE32+	2022-03-20 06:03:14	User Submission	YRP/IsPE64 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/ThreadControl__Context YRP/android_meterpreter YRP/suspicious_packer_section
12138a12e35563461860d8c39d80e7cbf80aced9a3f197bf7e6a452a70e07048	PE32	2022-03-20 06:01:33	User Submission	YRP/IsPE32 YRP/IsConsole YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
db7a30e9b00ca0f55460c2b617afef03bfa42f53d60d32fe29014f9daf1574e7	PE32	2022-03-20 02:22:54	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants
7ca3a574a09655d494319a7b384ea36a87570379f81b8f2a70486d8adb2c2d6a	PE32	2022-03-20 02:16:05	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers1 YRP/suspicious_packer_section
b47e5b1053024fc778fabee51f8e6ad0b60adc8fc883d0da349ede7a3ad101d1	PE32	2022-03-20 02:08:09	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers2 YRP/Prime_Constants_long YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/DES_sbox YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
1e5f4dc0fe0344f73ca1479d01e9a6acbdce32a38649bb86a981e73094d5e01d	ELF	2022-03-20 02:00:18	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
48f8e6c417e0fca7d5b237ac5142f4e27ac048d8292e9a831be9254b34e0124d	PE32	2022-03-20 00:31:12	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/RIPEMD160_Constants YRP/SHA1_Constants
9bc179211df1495b972c87dc90029973085cca4fea0c26630f33d5dea2a9137f	MS-DOS	2022-03-19 20:01:16	User Submission	YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/mpress_2_xx_x86 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/screenshot YRP/suspicious_packer_section
ad4c3cc763edfa82c4bfe0be1397f8a48151c0c218268285a55643f1486f1162	ELF	2022-03-19 19:03:58	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
6af405ee90b04e560116c3bf4fc5173d504d1759dc480aafc7261a5e7e090644	ELF	2022-03-19 19:03:35	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
5fada6688eefb3bfeae9e142ab45316a9a43a8c09029d1bfb24481c8f6d2d253	ELF	2022-03-19 19:02:34	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
971443aa3efcab7657935b3346d329d957612209f634bbda0203376dddf15512	PE32	2022-03-19 19:01:52	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/SEH__vba
c108c8aa3363901dfa35356629b3641a78cdca36573ae5800cf1b840744674bb	ELF	2022-03-19 19:01:27	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
eed3dc3bd8fe006447ebd633cd8ce00a38f96c69f05d7a621c852ef2c45192ae	PE32	2022-03-19 19:00:48	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/suspicious_packer_section
7466275d0e34cc238a41d92e1e86d231d1c82af720f20bd4a1f2d0a4c529406c	PE32	2022-03-19 17:03:29	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/suspicious_packer_section
ebddd1bd4994a2e430a41296a494bb098931d582c114173051ddfb30ec1cc855	PE32	2022-03-19 17:03:22	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64
be27934c7e49a992c57d36977b09107573dfabe80b6c90cbf2dc69dbc00c3723	PE32	2022-03-19 17:00:42	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/android_meterpreter YRP/suspicious_packer_section
7e88ed156792b237a9e207088d7498a6df44b573c06a822748e410ce113804a6	ELF	2022-03-19 10:00:39	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64
2eb0bd8d5497a0ff3032732ac570f0ff05195e6f72bc724d71db06be6a02fc26	PE32	2022-03-19 06:08:55	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_ssl
a78c6b44fa48674f8dc9572fd7ff9b15347dca01f9aa38d34fc18d688f92c4a4	PE32	2022-03-19 06:07:37	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry YRP/suspicious_packer_section
ceaaa11843349aefcdcff93b5879d0a5c51238fe5ea5d45858628fd2d995fa1f	PE32	2022-03-19 06:06:23	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_ssl YRP/suspicious_packer_section
afe63d885189002afc769724d179e239b7ca0f80277c64c89a5c1b5bfe54c3c4	PE32	2022-03-19 06:06:07	User Submission	YRP/FSG_v110_Eng_dulekxt_ YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole [+] YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry YRP/Big_Numbers1 YRP/suspicious_packer_section
03932dc55f26d7fdd7060539587000bb8ede8ade250fe77d9bead3c1f9123c22	PE32	2022-03-19 06:04:31	User Submission	YRP/Borland_Delphi_40_additional YRP/Enigma_Protector_V11X_V15X_Sukhov_Vladimir_Serge_N_Markin YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Enigma_Protector_11X_13X_Sukhov_Vladimir_Serge_N_Markin_additional [+] YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Enigma_Protector_11X_13X_Sukhov_Vladimir_Serge_N_Markin YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/EnigmaProtector11X13XSukhovVladimirSergeNMarkin YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/win_registry
1c524c438438a2998e6f47513a8b639dc7f9c1ea649085bea77b2509f5e62dd5	PE32	2022-03-19 06:02:05	User Submission	CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/vmdetect YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/suspicious_packer_section
6c027eb8b1af49f359019eab464156cb24535b599b615c0f3ca7d0e29d07879f	PE32	2022-03-19 06:00:27	User Submission	YRP/possible_includes_base64_packed_functions YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/win_registry
090684278186e568d9945f94e15a0cfb27cfac3f2ddb591c29a95fa612beb4d7	ELF	2022-03-19 04:00:23	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
03b48ddc82c7d876a80bcfb3a8d56230c8ac391f6262e240d7413909bfa92a8e	PE32	2022-03-19 02:32:39	User Submission	YRP/Borland_Delphi_40_additional YRP/Enigma_Protector_V11X_V15X_Sukhov_Vladimir_Serge_N_Markin YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Enigma_Protector_11X_13X_Sukhov_Vladimir_Serge_N_Markin_additional [+] YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Enigma_Protector_11X_13X_Sukhov_Vladimir_Serge_N_Markin YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/EnigmaProtector11X13XSukhovVladimirSergeNMarkin YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry
9b2665faf9d472278bcf0808691c2fa4246d9efcecda527d222f48b1c32de829	PE32	2022-03-19 02:27:58	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/Big_Numbers2 YRP/suspicious_packer_section
605be2fb4ca862a2415846b1aaa62c458abb3a5b5d2fe940b8f6a8a9c9a3dc34	PE32	2022-03-19 02:27:50	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/FASM YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry
08b4215f1682fe599d8246a5b2dd0b2cdb4545892c47dd6481ade3d2563815bb	PE32	2022-03-19 02:24:15	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
c8d64031c8e3693345204af36046388cca0fb60965936cb8a6abc77d87f5e3ef	ELF	2022-03-18 22:00:23	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url [+] YRP/contentis_base64 YRP/Big_Numbers1
e51efdd6e121beb0f4c90bb97201c950cd9392ab897d3f667411094a407d52f0	PE32	2022-03-18 21:01:14	User Submission	YRP/Borland_Delphi_40_additional YRP/Enigma_Protector_V11X_V15X_Sukhov_Vladimir_Serge_N_Markin YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Enigma_Protector_11X_13X_Sukhov_Vladimir_Serge_N_Markin_additional [+] YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Enigma_Protector_11X_13X_Sukhov_Vladimir_Serge_N_Markin YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/EnigmaProtector11X13XSukhovVladimirSergeNMarkin YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/win_registry
58b0576472e98648e5b5ca7d64ac5aee9d812da4eca6287211266e23ce1b8aeb	ELF	2022-03-18 18:01:45	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
8e1aee087bed6d1e9294a6aa6da652a290b6c73e25df3bf4ddec2803fb9b904d	ELF	2022-03-18 16:02:00	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
e60341d45e6ac76bb43b525f734dbdb038957893d12eea4aa669eb46ad3e39ca	ELF	2022-03-18 10:05:38	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64
b61b4dd0deae415c6f57936e6b4ce2d5d8f5b658ba62860026133cb87cf6652a	ELF	2022-03-18 10:04:46	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64
1fa38bd7a3d6a7b73ac4893bb7edc04fb3f56dcfad3b3e6b3fa6d4729add22e2	PE32+	2022-03-18 10:02:56	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table
0d89ef55202ab8ebf001363ee8aefe41c6528eafe18405b8c2525107f050b0e7	PE32+	2022-03-18 10:02:45	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation
0b2db410c50d9e4eb7e88177c463be3da5fff5527d9dc2ae10fa26ebe2721ef1	PE32	2022-03-18 10:02:34	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table
879ad3f6226119bc5be197ac03b14c62c87060ebfb9efea4c8571d15772ef705	PE32	2022-03-18 09:06:13	User Submission	YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/SHA512_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
984d3525e511ffa705058ad77fec24bcced63c4ff100a43052be7b401084e447	PE32	2022-03-18 09:04:43	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry
a364ac3a85646140bf43748f643c2172b42dd4dfc6b66030db2ed5f93abc7f7e	PE32	2022-03-18 06:02:30	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/suspicious_packer_section
4208f9831facc991ed2ffa01acc7698ac4f57cbff0af578f61aab68817028d85	PE32	2022-03-18 06:01:42	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/suspicious_packer_section
d0f3e331802a41969a5efcb7b89948623dc35a519befff49a943410dddac0c16	PE32	2022-03-18 05:00:30	User Submission	CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/vmdetect YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/suspicious_packer_section
f6ae7232bae7df2bcef0146c867f4288e52c2ff8a365d0d665a20c5d35112676	PE32	2022-03-18 02:24:09	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
7c6d83ab98a0b82641bb45a2457d29eb34102c76e57412a260b27543c9103046	PE32	2022-03-18 02:23:51	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
3e022380a4b739fa20d9a66ddf0e7f814b6b46ebe603b19f85bd6261408bd2ca	PE32	2022-03-18 02:21:03	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
1514a68e32606b7718db8ad1f76d92c71daa1ce1956115db73d3d726dd43bcfa	PE32	2022-03-18 02:14:11	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Http_API
4a342bfe78384a69f32343586ac44337a4cfe56f9ad0da53554f1f710e204f26	PE32	2022-03-18 02:07:20	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
347cf928e6b1ce86c9094221931edfb2df48fed7a64db9adc11ed7877d2003dd	PE32	2022-03-18 02:02:59	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/FASM YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/android_meterpreter YRP/Big_Numbers1
543df65661d5868715d33476df677bfdc8b15d3cd7e013d442cd88fc8e7e18e9	PE32	2022-03-18 02:02:36	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
019f56fc6c2d5185101273fd4d4d046c7a81f6656da4048a7188cb339c73d393	PE32	2022-03-18 02:02:02	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
fb333caf39bc2f71a21484f44e5a8c0120e77583ed842f80ec5ada04f5c5944b	PE32	2022-03-18 02:00:34	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/suspicious_packer_section
c50bca08a8e80850ec18d258ff937b7b72a500d9027c730c86b05aa73c938b5d	PE32	2022-03-17 22:03:22	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
3a96c3075b8494fe6a76c6325946ab3f200e75ce26ad886446ea1394b5ac6ba1	PE32	2022-03-17 22:03:12	User Submission	YRP/IsPE32 YRP/IsConsole YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
0004cec68fdb95507c6161d84e4965db60f997a679ce20786075992f1e5b340c	PE32+	2022-03-17 19:01:36	User Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library
9634a56c20dccd7bba60b4d19e61e909f4d3bb06b302bb1bbeac3886df30f710	PE32	2022-03-17 18:00:20	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/win_files_operation
af40cf0917b2a1b94cc39c7cc3927a210671644842fca19ff84288061b234f51	ELF	2022-03-17 17:02:39	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
a18b57f462bc3cd80f3f0d2069160e097da2bb4a0424cb8db23f814c72d3fead	PE32+	2022-03-17 17:00:22	User Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/maldoc_getEIP_method_1 [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/suspicious_packer_section
f9ef744eb7e148fc3bfb8b063c0a6ff1a6f0015560fe198c1f3a8fb1de7a25d5	ELF	2022-03-17 14:02:21	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
516fbcafcafa717fedacab56aaa54f7949772efdf9d304dcfa2889709c94b778	ELF	2022-03-17 14:00:51	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
8c02f678eca90738a4911f406b77ccb1aee849be2a78c442177850296f563d1a	ELF	2022-03-17 12:02:59	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64
7cb80beba40d2e3e973c4d8d06d1e4c4eb6387a5110b50ce652bb6805e5cc883	ELF	2022-03-17 12:02:21	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64
f555b50e3d286daf7f90b2b0baae0225dfeb15a4845d98017f28695745e568f3	ELF	2022-03-17 12:01:50	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64
47149241ee5633f1fe0bf7eb194dc00214d2c5f99b5d78a9ee91ebba9fdad395	PE32	2022-03-17 02:26:46	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64
bd0f27fcc8f7be6d2c00fd068321421c58a863e7e2717dc5643a16c9d607180d	PE32	2022-03-17 02:21:41	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_Qemu_Description YRP/Check_VBox_Description YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
4735a3981f85f360b194d02d133040902d2d86a0124ecb6644b9295315ac5282	PE32	2022-03-17 02:18:19	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64
46c490de0557e84c5b74844a9838a3720f7736c3a398dbbea91a1b793b9a5750	PE32	2022-03-17 02:18:11	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers4
e29619d32a3af2ede7b4087ff3be84ccf8a61c5dbd801a90fe71288b0f136f82	PE32	2022-03-17 02:06:34	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64
378762ac844547ce9cf8319d9c8474de2d4702d62f50f583b5b07bbae4b96c28	PE32	2022-03-17 02:02:43	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/QtFrameWork YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
d78fc1dcbca397001b5c4956ea2c5057f83866efce7bbef4ae6c6e48cfe07900	PE32	2022-03-17 02:01:47	User Submission	YRP/IsPE32 YRP/IsConsole YRP/IsPacked YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
d2cd62cf0d7d373e2aced6dc60869b87a265950cf28a13e0fb701eda8535781b	PE32	2022-03-17 02:01:19	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/FASM YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/android_meterpreter
675e77d54a3d0b879137745f038c41bd0874cdccffc7f7b09a4dd49e0b235ed7	PE32	2022-03-17 00:01:23	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Qemu_Detection YRP/Misc_Suspicious_Strings YRP/suspicious_packer_section
7a96c5a32badb9650faa842922ad545b7336a676f033e724c1bed574a7c9a960	PE32	2022-03-17 00:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
2c6496289f6b65f688534b8e2ceaffc18447363091e2da4005ae89880eb13019	ELF	2022-03-16 23:01:04	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
5de4f5a7d615ede269f0d3670d156411168d47f6f0595891ef25464fe1cb86ce	ELF	2022-03-16 21:05:09	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64
6dd995d896a9a593b2c48d09da60bd83866d8577273f36d38788d83ad8173e68	PE32	2022-03-16 21:04:38	User Submission	YRP/IsPE32 YRP/IsConsole YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
5c49f98d3516edf56c996c2da5f095a0b97df772a558bb2e9d5a5d4355adab05	PE32	2022-03-16 21:03:11	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
dfc1aa0acee671f96551980d2e846b287e1f19edde0847cc3e851ac5e9ce6ad5	PE32	2022-03-16 17:03:50	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/win_registry YRP/Big_Numbers2 YRP/suspicious_packer_section
a9ecedb49c245f8a4f10dba16ca3dcfcd75eeb3750f48b6229d072358127f1e1	MS-DOS	2022-03-16 16:21:41	User Submission	YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/mpress_2_xx_x86 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message YRP/QtFrameWork YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/screenshot YRP/suspicious_packer_section
23a170cbf567895e81feeddfc9ce427879e7162173f4d8c58ec1e752be0b68f0	ELF	2022-03-16 15:07:01	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64
eb10d037db4f07bac9ec2fc133bfa3dcd66c808b8f10d8038ab375a8fade8b40	ELF	2022-03-16 15:05:17	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
aa2ac6e9cf50403c547839371d01bb57dff97d58466fc95c457a43107f45d070	ELF	2022-03-16 15:02:40	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
13054eedf8b002f51dbce77433ac4600eb980590c08f96d282b4dbc0a47d6df2	ELF	2022-03-16 14:02:19	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4

Recent Searches
yrp/maldoc_geteip_method_1
yrp/network_tcp_socket
yrp/ispe64
yrp/empire_keepassconfig_gen
yrp/empire_invoke_powerdump
yrp/freebasic_016b
yrp/empire_keepassconfig
yrp/maldoc_indirect_function_call_1
yrp/crowdstrike_shamoon_droppedfile
yrp/microsoft_visual_cpp_30_old_crap_additional

Search

Recent Searches