MalShare

MD5 Hash	File type	Added	Source	Yara Hits
2091811d07c05e88564ba659279046ee	PE32	2017-10-06 23:03:18	http://5995.us/burger24/money.exe	YRP/Str_Win32_Winsock2_Library YRP/Browsers YRP/contentis_base64 YRP/url [+] YRP/domain YRP/IP YRP/Borland YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate
4b337da5d932f64766190c530851fdfd	HTML	2017-10-11 03:21:34	http://angads.com.au/hfv0Fy.exe	YRP/contentis_base64 YRP/url YRP/domain YRP/BASE64_table
61851c8e75646a9748561e519054388b	HTML	2017-10-12 03:22:00	http://angads.com.au/hfv0Fy.exe	YRP/contentis_base64 YRP/url YRP/domain YRP/BASE64_table
87aca4b841711b7259c64cc2062895ef	PE32	2017-10-12 12:45:34	http://weballiance-dev.com/gpjbc/gfzdhg/naffy...	YRP/Str_Win32_Winsock2_Library YRP/CookieTools YRP/contentis_base64 YRP/domain [+] YRP/IP YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/borland_delphi YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate
c2b17962b1a629cb668081b15b795dbf	ELF	2017-10-16 00:55:42		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
b0b1c2dc726a1245db2be9be92d45db1	ELF	2017-10-16 00:56:53		YRP/maldoc_getEIP_method_1 YRP/contentis_base64 YRP/domain YRP/Big_Numbers2 [+] YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table FlorianRoth/Mirai_1_May17 FlorianRoth/Miari_2_May17
bb19bf71c89ba9529fcb5dc2dea75bbe	ELF	2017-10-16 00:58:06		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
ec17d640c0ad057d10544bc3eb1657ca	ELF	2017-10-16 01:01:07		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
7db122a30bc5c61ea52cf5e128040bbf	ELF	2017-10-16 01:01:30		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
96fa3335021e9683da0f3459b23b3a61	ELF	2017-10-16 01:02:01		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
8afbc6d5a35a6d64f0a34d83e87a85c7	ELF	2017-10-16 01:06:41		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
e807619a1b4454c99523c7f6aa2f3ce1	ELF	2017-10-16 01:06:56		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
a2978fff8c4b18a0598df748d3b0f14e	ELF	2017-10-16 01:07:07		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
4c2877d34b185161514ce615f37d7af4	ELF	2017-10-16 01:08:11		YRP/contentis_base64 YRP/domain YRP/Big_Numbers2 YRP/RIPEMD160_Constants [+] YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table FlorianRoth/Miari_2_May17
7c079713509564f1205a3dee00684bf7	ELF	2017-10-16 01:09:45		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
f0512cfd4fbb9721131dea2f20671417	ELF	2017-10-16 01:13:36		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
c319c29f19867a616c992cbd9c5479e2	ELF	2017-10-16 01:15:07		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
49316a8fe3863514ce6fbd012a05e8e5	ELF	2017-10-16 01:16:03		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
87290beb1b74781dda5bda390e6108f3	ELF	2017-10-16 01:16:55		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
da137ff4588310db5c4c15cc7ec2011d	ELF	2017-10-16 01:17:10		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
7766cc492757937c87fddaabd72bc2bb	ELF	2017-10-16 01:17:23		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
9d8e3e4c23f6fea431fda602fb00629d	ELF	2017-10-16 01:17:42		YRP/maldoc_getEIP_method_1 YRP/contentis_base64 YRP/url YRP/domain [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Mirai_1_May17 FlorianRoth/Miari_2_May17
00ee477d66d6ad393fbc706613cd1a4e	ELF	2017-10-16 01:18:18		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
b489602ed6503f1f06adcb1f532dc014	ELF	2017-10-16 01:18:48		YRP/contentis_base64 YRP/url YRP/domain YRP/IP [+] YRP/Big_Numbers2 YRP/SHA512_Constants YRP/BASE64_table
34a8ec291b71d587b6defe160bc21f51	ELF	2017-10-16 01:19:02		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
127eacc6f5306caa43a600e428e9002f	ELF	2017-10-16 01:19:07		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
fa048b677e11a9b017eddf93334e8ee9	ELF	2017-10-16 01:20:14		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
9b0a0d328898df24ca1cde2eb9540eb0	ELF	2017-10-16 01:20:25		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
84e3ad0d62d21739d632d2106864e79e	ELF	2017-10-16 01:20:43		CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+] YRP/WoolenGoldfish_Generic_3 YRP/FavoriteCode YRP/FavoriteStrings YRP/WarpCode YRP/WarpStrings YRP/Warp YRP/Locky_Ransomware YRP/Locky_Ransomware_2 YRP/ScarhiknStrings YRP/ScarhiknCode YRP/Scarhikn YRP/genome YRP/apt_nix_elf_Derusbi_Linux_SharedMemCreation YRP/apt_nix_elf_Derusbi_Linux_Strings YRP/Trojan_Derusbi YRP/APT_Derusbi_DeepPanda YRP/APT_Derusbi_Gen YRP/Cerberus YRP/function_through_object YRP/php_malfunctions YRP/php_obf_malfunctions YRP/fopo_obfuscator YRP/html_upload YRP/php_uname YRP/scriptkiddies YRP/KeyBoy_Dropper YRP/KeyBoy_Backdoor YRP/Mozart YRP/APT_Hikit_msrv YRP/sinlesspleasure_com YRP/amasty_biz YRP/amasty_biz_js YRP/cloudfusion_me YRP/grelos_v YRP/hacked_domains YRP/jquery_code_su YRP/jquery_code_su_multi YRP/Trafficanalyzer_js YRP/atob_js YRP/googieplay_js YRP/mag_php_js YRP/thetech_org_js YRP/md5_cdn_js_link_js YRP/ChickenDOS_Linux YRP/Powerkatz_DLL_Generic YRP/StegoKatz YRP/Cythosia YRP/SharedStrings YRP/Crimson YRP/TeslaCrypt YRP/APT_DeputyDog_Fexel YRP/urausy_skype_dat YRP/nAspyUpdateCode YRP/nAspyUpdateStrings YRP/nAspyUpdate YRP/WinntiPharma YRP/IronTiger_ASPXSpy YRP/IronTiger_wmiexec YRP/IronPanda_Malware_Htran YRP/dump_sales_quote_payment YRP/dump_sales_order YRP/md5_64651cede2467fdeb1b3b7e6ff3f81cb YRP/md5_6bf4910b01aa4f296e590b75a3d25642 YRP/fopo_webshell YRP/eval_post YRP/spam_mailer YRP/md5_2c37d90dd2c9c743c273cb955dd83ef6 YRP/md5_3ccdd51fe616c08daafd601589182d38 YRP/md5_4b69af81b89ba444204680d506a8e0a1 YRP/md5_87cf8209494eedd936b28ff620e28780 YRP/md5_fb9e35bf367a106d18eb6aa0fe406437 YRP/md5_8e5f7f6523891a5dcefcbb1a79e5bbe9 YRP/eval_base64_decode_a YRP/md5_ab63230ee24a988a4a9245c2456e4874 YRP/md5_d30b23d1224438518d18e90c218d7c8b YRP/md5_24f2df1b9d49cfb02d8954b08dba471f YRP/md5_fd141197c89d27b30821f3de8627ac38 YRP/visbot YRP/md5_4c4b3d4ba5bce7191a5138efa2468679 YRP/md5_6eb201737a6ef3c4880ae0b8983398a9 YRP/md5_d201d61510f7889f1a47257d52b15fa2 YRP/md5_06e3ed58854daeacf1ed82c56a883b04 YRP/md5_28690a72362e021f65bb74eecc54255e YRP/fake_magentoupdate_site YRP/md5_4aa900ddd4f1848a15c61a9b7acd5035 YRP/BoousetCode YRP/Hsdfihdf YRP/xRAT20 YRP/APT3102Code YRP/TerminatorRat YRP/TROJAN_Notepad_shell_crew YRP/xtreme_rat YRP/XtremeRATCode YRP/XtremeRATStrings YRP/XtremeRAT YRP/xtremrat YRP/cerber3 YRP/cerber4 YRP/cerber5 YRP/alina YRP/BlackRev YRP/easterjackpos YRP/shimrat YRP/shimratreporter YRP/CyberGate YRP/lateral_movement YRP/WaterBug_wipbot_2013_dll YRP/WaterBug_turla_dropper YRP/PoisonIvy_2 YRP/CryptoLocker_set1 YRP/CryptoLocker_rule2 YRP/BackdoorFCKG YRP/turla_dropper YRP/StuxNet_Malware_1 YRP/Njrat YRP/njrat1 YRP/network_traffic_njRAT YRP/ShadowTech YRP/PubSabCode YRP/PubSabStrings YRP/PubSab YRP/MongalCode YRP/MongalStrings YRP/Mongal YRP/LuckyCatCode YRP/IMulerCode YRP/IMulerStrings YRP/IMuler YRP/GoziRule YRP/BernhardPOS YRP/citadel13xy YRP/Citadel_Malware YRP/XOR_DDosv1 YRP/apt_regin_rc5key YRP/xRAT YRP/GlassesCode YRP/Glasses YRP/EzcobStrings YRP/Ezcob YRP/WimmieShellcode YRP/WimmieStrings YRP/Wimmie YRP/APT_NGO_wuaclt YRP/OlyxCode YRP/OlyxStrings YRP/Olyx YRP/APT9002Code YRP/APT9002Strings YRP/APT9002 YRP/Ransom_Petya YRP/Retefe YRP/Ransom_CryptXXX_Dropper YRP/Ransom_CryptXXX_Real YRP/NSFreeCode YRP/NSFreeStrings YRP/NSFree YRP/apt_c16_win_memory_pcclient YRP/apt_c16_win_wateringhole YRP/ELF_Linux_Torte YRP/ELF_Linux_Torte_domains YRP/NetWiredRC_B YRP/RSharedStrings YRP/GmRemoteStrings YRP/GmRemote YRP/SurtrStrings YRP/SurtrCode YRP/Surtr YRP/Casper_Included_Strings YRP/Casper_SystemInformation_Output YRP/NaikonCode YRP/NaikonStrings YRP/Naikon YRP/KelihosHlux YRP/moose YRP/MacControlCode YRP/MacControlStrings YRP/MacControl YRP/universal_1337_stealer_serveur YRP/diamond_fox YRP/skeleton_key_patcher YRP/skeleton_key_injected_code YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/CrowdStrike_Shamoon_DroppedFile YRP/TreasureHunt YRP/Insta11Code YRP/Insta11Strings YRP/Insta11 YRP/TROJAN_Notepad YRP/Tinba2 YRP/AthenaHTTP YRP/AthenaHTTP_v2 YRP/AthenaIRC YRP/Molerats_certs YRP/Win32Toxic YRP/Empire_Get_SecurityPackages YRP/Empire_Invoke_EgressCheck YRP/Empire_PowerShell_Framework_Gen2 YRP/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen YRP/OpClandestineWolf YRP/LogPOS YRP/VidgrabStrings YRP/Vidgrab YRP/CookiesStrings YRP/Cookies YRP/Odinaff_swift YRP/with_sqlite YRP/iexpl0reCode YRP/iexpl0reStrings YRP/iexpl0re YRP/CAP_HookExKeylogger YRP/korlia YRP/APT_Win_Pipcreat YRP/Bozok YRP/lost_door YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/gholeeV1 YRP/MW_gholee_v1 YRP/APT_bestia YRP/BlackWorm YRP/FiveEyes_QUERTY_Malwaresig_20123_cmdDef YRP/FiveEyes_QUERTY_Malwareqwerty_20123 YRP/FiveEyes_QUERTY_Malwaresig_20120_dll YRP/FiveEyes_QUERTY_Malwaresig_20120_cmdDef YRP/FiveEyes_QUERTY_Malwaresig_20121_cmdDef YRP/sendsafe YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/CGISscan_CGIScan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/WCE_Modified_1_1014 YRP/BypassUac_3 YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_Burst_Blast YRP/Jc_WinEggDrop_Shell YRP/LinuxHacktool_eyes_pscan2 YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/VSSown_VBS YRP/DMALocker YRP/DMALocker4 YRP/Grozlex YRP/IndiaCharlie_One YRP/IndiaCharlie_Two YRP/wiper_unique_strings YRP/wiper_encoded_strings YRP/createP2P YRP/DeltaCharlie YRP/DestructiveTargetCleaningTool5 YRP/DestructiveTargetCleaningTool6 YRP/Malwareusedbycyberthreatactor1 YRP/WhiskeyDelta YRP/PapaAlfa YRP/IndiaAlfa_One YRP/TangoAlfa YRP/LimaCharlie YRP/IndiaBravo_PapaAlfa YRP/IndiaBravo_RomeoCharlie YRP/IndiaBravo_RomeoBravo YRP/IndiaBravo_generic YRP/RomeoEcho YRP/WhiskeyAlfa YRP/SierraBravo_packed YRP/RomeoJuliettMikeTwo YRP/RomeoCharlie YRP/SierraCharlie YRP/Furtim_nativeDLL YRP/NetpassStrings YRP/NetPass YRP/NetTravStrings YRP/NetTravExports YRP/NetTraveler YRP/BangatCode YRP/BangatStrings YRP/Bangat YRP/Careto_OSX_SBD YRP/Careto_CnC YRP/Careto_CnC_domains YRP/Misdat_Backdoor YRP/SType_Backdoor YRP/Zlib_Backdoor YRP/Spora YRP/unk_packer YRP/LIGHTDART_APT1 YRP/AURIGA_APT1 YRP/BANGAT_APT1 YRP/BISCUIT_GREENCAT_APT1 YRP/BOUNCER_APT1 YRP/BOUNCER_DLL_APT1 YRP/CALENDAR_APT1 YRP/COMBOS_APT1 YRP/DAIRY_APT1 YRP/GLOOXMAIL_APT1 YRP/GOGGLES_APT1 YRP/HACKSFASE1_APT1 YRP/HACKSFASE2_APT1 YRP/KURTON_APT1 YRP/MACROMAIL_APT1 YRP/MANITSME_APT1 YRP/MINIASP_APT1 YRP/NEWSREELS_APT1 YRP/SEASALT_APT1 YRP/STARSYPOUND_APT1 YRP/SWORD_APT1 YRP/thequickbrow_APT1 YRP/TABMSGSQL_APT1 YRP/CCREWBACK1 YRP/TrojanCookies_CCREW YRP/GEN_CCREW1 YRP/Elise YRP/EclipseSunCloudRAT YRP/MoonProject YRP/ccrewDownloader1 YRP/ccrewDownloader2 YRP/ccrewMiniasp YRP/ccrewSSLBack2 YRP/ccrewSSLBack3 YRP/ccrewSSLBack1 YRP/ccrewDownloader3 YRP/ccrewQAZ YRP/metaxcd YRP/MiniASP YRP/DownloaderPossibleCCrew YRP/APT1_LIGHTBOLT YRP/APT1_GETMAIL YRP/APT1_GDOCUPLOAD YRP/APT1_WEBC2_Y21K YRP/APT1_WEBC2_YAHOO YRP/APT1_WEBC2_UGX YRP/APT1_WEBC2_TOCK YRP/APT1_WEBC2_RAVE YRP/APT1_WEBC2_QBP YRP/APT1_WEBC2_HEAD YRP/APT1_WEBC2_GREENCAT YRP/APT1_WEBC2_DIV YRP/APT1_WEBC2_CSON YRP/APT1_WEBC2_CLOVER YRP/APT1_WEBC2_BOLID YRP/APT1_WEBC2_ADSPACE YRP/APT1_WEBC2_AUSOV YRP/APT1_WARP YRP/APT1_TARSIP_ECLIPSE YRP/APT1_TARSIP_MOON YRP/APT1_RARSilent_EXE_PDF YRP/APT1_aspnetreport YRP/APT1_Revird_svc YRP/APT1_dbg_mess YRP/APT1_known_malicious_RARSilent YRP/backoff YRP/Payload_Exe2Hex YRP/Trojan_Win32_PlaSrv YRP/Trojan_Win32_Platual YRP/Trojan_Win32_Plaplex YRP/Trojan_Win32_Dipsind_B YRP/Trojan_Win32_PlaKeylog_B YRP/Trojan_Win32_Adupib YRP/Trojan_Win32_PlaLsaLog YRP/Trojan_Win32_Plakelog YRP/Trojan_Win32_Plainst YRP/Trojan_Win32_Plagicom YRP/Trojan_Win32_Plaklog YRP/Trojan_Win32_Plapiio YRP/Trojan_Win32_Plabit YRP/Trojan_Win32_Placisc2 YRP/Trojan_Win32_Placisc3 YRP/Trojan_Win32_Placisc4 YRP/Ransom_Satana YRP/Ransom_Satana_Dropper YRP/MirageStrings YRP/Mirage YRP/Mirage_APT YRP/RooterCode YRP/Rooter YRP/RookieStrings YRP/Rookie YRP/GEN_PowerShell YRP/ZhoupinExploitCrew YRP/BackDoorLogger YRP/Jasus YRP/NetC YRP/ShellCreator2 YRP/SmartCopy2 YRP/SynFlooder YRP/TinyZBot YRP/antivirusdetector YRP/csext YRP/kagent YRP/mimikatzWrapper YRP/pvz_in YRP/pvz_out YRP/wndTest YRP/zhCat YRP/zhLookUp YRP/zhmimikatz YRP/Zh0uSh311 YRP/OPCLEAVER_BackDoorLogger YRP/OPCLEAVER_Jasus YRP/OPCLEAVER_NetC YRP/OPCLEAVER_ShellCreator2 YRP/OPCLEAVER_SmartCopy2 YRP/OPCLEAVER_SynFlooder YRP/OPCLEAVER_TinyZBot YRP/OPCLEAVER_ZhoupinExploitCrew YRP/OPCLEAVER_antivirusdetector YRP/OPCLEAVER_csext YRP/OPCLEAVER_kagent YRP/OPCLEAVER_mimikatzWrapper YRP/OPCLEAVER_pvz_in YRP/OPCLEAVER_pvz_out YRP/OPCLEAVER_wndTest YRP/OPCLEAVER_zhLookUp YRP/OPCLEAVER_zhmimikatz YRP/EQGRP_create_dns_injection YRP/EQGRP_tunnel_state_reader YRP/EQGRP_eligiblecandidate YRP/EQGRP_sniffer_xml2pcap YRP/EQGRP_BananaAid YRP/EQGRP_shellcode YRP/EQGRP_jetplow_SH YRP/EQGRP_extrabacon YRP/EQGRP_sploit_py YRP/EQGRP_BICECREAM YRP/EQGRP_StoreFc YRP/EQGRP_BARPUNCH_BPICKER YRP/EQGRP_pandarock YRP/EQGRP_callbacks YRP/EQGRP_Unique_Strings YRP/EQGRP_RC5_RC6_Opcode YRP/RegSubDatStrings YRP/RegSubDat YRP/zoxPNG_RAT YRP/QuarianStrings YRP/QuarianCode YRP/Quarian YRP/Unit78020_Malware_Gen1 YRP/Codoso_Gh0st_3 YRP/Codoso_Gh0st_1 YRP/Codoso_PGV_PVID_3 YRP/apt_equation_equationlaser_runtimeclasses YRP/apt_equation_cryptotable YRP/REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief YRP/REDLEAVES_CoreImplant_UniqueStrings YRP/PLUGX_RedLeaves YRP/Ransom YRP/DDosTf YRP/EquationGroup_elgingamble YRP/EquationGroup_sambal YRP/EquationGroup__jparsescan_parsescan_5 YRP/EquationGroup_noclient_3_3_2 YRP/EquationGroup_Toolset_Apr17_Gen2 YRP/EquationGroup_Toolset_Apr17_ntevt YRP/EquationGroup_Toolset_Apr17_msgkd_msslu64_msgki_mssld YRP/glassrat YRP/Bublik YRP/Bolonyokte YRP/T5000Strings YRP/T5000 YRP/legion_777 YRP/cxpidStrings YRP/cxpidCode YRP/Meterpreter_Reverse_Tcp YRP/Adzok YRP/gh0st YRP/YayihCode YRP/YayihStrings YRP/Yayih YRP/EnfalCode YRP/EnfalStrings YRP/Enfal YRP/IMPLANT_3_v1 YRP/IMPLANT_4_v9 YRP/IMPLANT_5_v2 YRP/IMPLANT_5_v3 YRP/IMPLANT_5_v4 YRP/Unidentified_Malware_Two YRP/liudoor YRP/dexter_strings YRP/Ransom_Alpha YRP/Ransom_Alfa YRP/SafeNetCode YRP/SafeNetStrings YRP/SafeNet YRP/FVEY_ShadowBrokers_Jan17_Screen_Strings YRP/memory_pivy YRP/memory_shylock YRP/Cloaked_as_JPG YRP/rtf_yahoo_ken YRP/ZXProxy YRP/EmiratesStatement YRP/SpyGate_v2_9 YRP/qadars YRP/shylock YRP/spyeye YRP/spyeye_plugins YRP/callTogether_certificate YRP/qti_certificate YRP/DownExecute_A YRP/Pandora YRP/Base64_encoded_Executable YRP/Invoke_mimikittenz YRP/Havex_Trojan_PHP_Server YRP/onimiki YRP/Shifu YRP/Derkziel YRP/Worm_Gamarue YRP/suspicious_packer_section YRP/pony YRP/Wabot YRP/CSIT_14003_03 YRP/UACME_Akagi YRP/AAR YRP/Ap0calypse YRP/Arcom YRP/BlackNix YRP/BlueBanana YRP/ClientMesh YRP/DarkRAT YRP/Greame YRP/HawkEye YRP/Imminent YRP/Infinity YRP/JavaDropper YRP/LostDoor YRP/LuminosityLink YRP/LuxNet YRP/NanoCore YRP/Paradox YRP/Plasma YRP/PredatorPain YRP/Punisher YRP/PythoRAT YRP/QRat YRP/SmallNet YRP/SpyGate YRP/Sub7Nation YRP/UPX YRP/Vertex YRP/unrecom YRP/Tedroo YRP/apt_hellsing_implantstrings YRP/PlugXStrings YRP/plugX YRP/LinuxAESDDoS YRP/LinuxBillGates YRP/LinuxElknot YRP/LinuxMrBlack YRP/LinuxTsunami YRP/rootkit YRP/exploit YRP/ldpreload YRP/Zegost YRP/Intel_Virtualization_Wizard_exe YRP/Intel_Virtualization_Wizard_dll YRP/DarkComet_2 YRP/DarkComet_3 YRP/DarkComet_4 YRP/Scieron YRP/BlackShades2 YRP/BlackShades_4 YRP/BlackShades YRP/BlackShades_25052015 YRP/possible_exploit YRP/XDP_embedded_PDF YRP/Contains_hidden_PE_File_inside_a_sequence_of_numbers YRP/Contains_UserForm_Object YRP/powershell YRP/maldoc_API_hashing YRP/maldoc_indirect_function_call_1 YRP/maldoc_indirect_function_call_2 YRP/maldoc_indirect_function_call_3 YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/macrocheck YRP/malrtf_ole2link YRP/email_Ukraine_power_attack_content YRP/davivienda YRP/with_attachment YRP/content YRP/CryptoWall_Resume_phish YRP/maldoc_OLE_file_magic_number YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualPC_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/Dropper_Strings YRP/Base64d_PE YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/contentis_base64 YRP/url YRP/domain YRP/IP YRP/possible_includes_base64_packed_functions YRP/silent_banker YRP/zbot YRP/Borland YRP/PESpinv04x YRP/phoenix_html YRP/phoenix_html10 YRP/phoenix_html11 YRP/phoenix_html2 YRP/phoenix_html3 YRP/phoenix_html4 YRP/phoenix_html5 YRP/phoenix_html6 YRP/phoenix_html7 YRP/phoenix_html8 YRP/phoenix_html9 YRP/phoenix_jar YRP/phoenix_jar2 YRP/phoenix_jar3 YRP/phoenix_pdf YRP/phoenix_pdf2 YRP/phoenix_pdf3 YRP/blackhole2_jar YRP/blackhole2_jar2 YRP/blackhole2_jar3 YRP/blackhole2_pdf YRP/blackhole1_jar YRP/blackhole2_htm YRP/blackhole2_htm10 YRP/blackhole2_htm11 YRP/blackhole2_htm12 YRP/blackhole2_htm3 YRP/blackhole2_htm4 YRP/blackhole2_htm5 YRP/blackhole2_htm6 YRP/blackhole2_htm8 YRP/zerox88_js2 YRP/zerox88_js3 YRP/sakura_jar YRP/sakura_jar2 YRP/fragus_htm YRP/fragus_js YRP/fragus_js2 YRP/fragus_js_flash YRP/fragus_js_java YRP/fragus_js_quicktime YRP/fragus_js_vml YRP/crimepack_jar YRP/crimepack_jar3 YRP/eleonore_jar YRP/eleonore_jar2 YRP/eleonore_jar3 YRP/eleonore_js YRP/eleonore_js2 YRP/eleonore_js3 YRP/angler_flash YRP/angler_flash2 YRP/angler_flash4 YRP/angler_flash5 YRP/angler_flash_uncompressed YRP/angler_html YRP/angler_html2 YRP/angler_js YRP/zeus_js YRP/zeroaccess_css YRP/zeroaccess_css2 YRP/zeroaccess_htm YRP/zeroaccess_js YRP/zeroaccess_js2 YRP/zeroaccess_js3 YRP/zeroaccess_js4 YRP/bleedinglife2_adobe_2010_1297_exploit YRP/bleedinglife2_adobe_2010_2884_exploit YRP/bleedinglife2_jar2 YRP/bleedinglife2_java_2010_0842_exploit YRP/DebuggerCheck__PEB YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/DebuggerHiding__Active YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__DrWatson YRP/SEH__v3 YRP/SEH__v4 YRP/SEH__vba YRP/SEH__vectored YRP/Check_Wine YRP/vmdetect YRP/WMI_VM_Detect YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antisb_sandboxie YRP/antivm_virtualbox YRP/antivm_vmware YRP/disable_antivirus YRP/disable_firewall YRP/disable_dep YRP/inject_thread YRP/create_service YRP/create_com_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_dyndns YRP/network_smtp_dotNet YRP/network_smtp_raw YRP/network_smtp_vb YRP/network_p2p_win YRP/network_irc YRP/network_http YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/network_dga YRP/bitcoin YRP/escalate_priv YRP/screenshot YRP/lookupip YRP/lookupgeo YRP/keylogger YRP/cred_local YRP/sniff_audio YRP/cred_ff YRP/cred_vnc YRP/cred_ie7 YRP/sniff_lan YRP/migrate_apc YRP/spreading_file YRP/spreading_share YRP/rat_vnc YRP/rat_rdp YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/vmdetect_misc YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Prime_Constants_char YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32_table_lookup YRP/CRC32b_poly_Constant YRP/CRC16_table YRP/FlyUtilsCnDES_ECB_Encrypt YRP/FlyUtilsCnDES_ECB_Decrypt YRP/Elf_Hash YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/MD5_API YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/WHIRLPOOL_Constants YRP/Miracl_powmod YRP/Miracl_crt YRP/CryptoPP_a_exp_b_mod_c YRP/CryptoPP_modulo YRP/FGint_MontgomeryModExp YRP/FGint_FGIntModExp YRP/FGint_MulByInt YRP/FGint_DivMod YRP/FGint_FGIntDestroy YRP/FGint_Base10StringToGInt YRP/FGint_ConvertBase256to64 YRP/FGint_ConvertHexStringToBase256String YRP/FGint_Base256StringToGInt YRP/FGint_FGIntToBase256String YRP/FGint_ConvertBase256StringToHexString YRP/FGint_PGPConvertBase256to64 YRP/FGint_RSAEncrypt YRP/FGint_RsaDecrypt YRP/FGint_RSAVerify YRP/FGint_FindPrimeGoodCurveAndPoint YRP/FGint_ECElGamalEncrypt YRP/FGint_ECAddPoints YRP/FGint_ECPointKMultiple YRP/FGint_ECPointDestroy YRP/FGint_DSAPrimeSearch YRP/FGint_DSASign YRP/FGint_DSAVerify YRP/DES_Long YRP/DES_sbox YRP/DES_pbox_long YRP/OpenSSL_BN_mod_exp2_mont YRP/OpenSSL_BN_mod_exp_mont YRP/OpenSSL_BN_mod_exp_recp YRP/OpenSSL_BN_mod_exp_simple YRP/OpenSSL_BN_mod_exp_inverse YRP/OpenSSL_DSA YRP/FGint_RsaSign YRP/LockBox_RsaEncryptFile YRP/LockBox_DecryptRsaEx YRP/LockBox_EncryptRsaEx YRP/LockBox_TlbRsaKey YRP/BigDig_bpInit YRP/BigDig_mpModExp YRP/BigDig_mpModInv YRP/BigDig_mpModMult YRP/BigDig_mpModulo YRP/BigDig_spModExpB YRP/BigDig_spModInv YRP/BigDig_spModMult YRP/CryptoPP_ApplyFunction YRP/CryptoPP_RsaFunction YRP/CryptoPP_Integer_constructor YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_CHAR_inv YRP/RijnDael_AES_LONG YRP/RsaRef2_NN_modExp YRP/RsaRef2_NN_modInv YRP/RsaRef2_NN_modMult YRP/RsaRef2_RsaPrivateDecrypt YRP/RsaRef2_RsaPrivateEncrypt YRP/RsaRef2_RsaPublicDecrypt YRP/RsaRef2_RsaPublicEncrypt YRP/RsaEuro_NN_modInv YRP/RsaEuro_NN_modMult YRP/Miracl_Big_constructor YRP/Miracl_mirvar YRP/Miracl_mirsys_init YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_RandomRange YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_IntToStr YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Unknown_Random YRP/VC6_Random YRP/VC8_Random YRP/DCP_RIJNDAEL_Init YRP/DCP_RIJNDAEL_EncryptECB YRP/DCP_BLOWFISH_Init YRP/DCP_BLOWFISH_EncryptCBC YRP/DCP_DES_Init YRP/DCP_DES_EncryptECB YRP/Trojan_Dendroid YRP/moscow_fake YRP/dropper YRP/SlemBunk YRP/android_meterpreter YRP/android_metasploit YRP/genericSMS YRP/genericSMS2 YRP/marcher1 YRP/marcher2 YRP/marcher3 YRP/dropperMapin YRP/Mapin YRP/xbot007 YRP/dowgin YRP/adware YRP/SpyNet YRP/tachi YRP/smsfraud1 YRP/FeliksPack3___PHP_Shells_ssh YRP/Exploit_MS15_077_078 YRP/Mal_http_EXE YRP/Linux_DirtyCow_Exploit YRP/cve_2013_0074 KevTheHermit/Infinity KevTheHermit/Vertex KevTheHermit/BlackNix KevTheHermit/NanoCore KevTheHermit/Arcom KevTheHermit/Pandora KevTheHermit/CyberGate KevTheHermit/Adzok KevTheHermit/Punisher KevTheHermit/ClientMesh KevTheHermit/Paradox KevTheHermit/SpyGate KevTheHermit/unrecom KevTheHermit/Bozok KevTheHermit/LuxNet KevTheHermit/DarkComet KevTheHermit/PythoRAT KevTheHermit/Greame KevTheHermit/BlackShades KevTheHermit/Sub7Nation KevTheHermit/LostDoor KevTheHermit/PoisonIvy KevTheHermit/HawkEye KevTheHermit/xRAT KevTheHermit/AAR KevTheHermit/LuminosityLink KevTheHermit/ShadowTech KevTheHermit/SmallNet KevTheHermit/DarkRAT KevTheHermit/Crimson KevTheHermit/BlueBanana KevTheHermit/JavaDropper KevTheHermit/Imminent KevTheHermit/Ap0calypse FlorianRoth/Furtim_nativeDLL FlorianRoth/CrowdStrike_Shamoon_DroppedFile FlorianRoth/ZxShell_Jul17 FlorianRoth/apt_ProjectSauron_encryption FlorianRoth/BernhardPOS FlorianRoth/apt_RU_MoonlightMaze_customlokitools FlorianRoth/apt_RU_MoonlightMaze_customsniffer FlorianRoth/loki2crypto FlorianRoth/apt_RU_MoonlightMaze_cle_tool FlorianRoth/apt_RU_MoonlightMaze_xk_keylogger FlorianRoth/apt_RU_MoonlightMaze_IRIX_exploit_GEN FlorianRoth/apt_RU_MoonlightMaze_u_logcleaner FlorianRoth/apt_RU_MoonlightMaze_wipe FlorianRoth/apt_nix_elf_Derusbi_Linux_SharedMemCreation FlorianRoth/apt_nix_elf_Derusbi_Linux_Strings FlorianRoth/EQGRP_create_dns_injection FlorianRoth/EQGRP_tunnel_state_reader FlorianRoth/EQGRP_eligiblecandidate FlorianRoth/EQGRP_sniffer_xml2pcap FlorianRoth/EQGRP_BananaAid FlorianRoth/EQGRP_shellcode FlorianRoth/EQGRP_jetplow_SH FlorianRoth/EQGRP_extrabacon FlorianRoth/EQGRP_sploit_py FlorianRoth/EQGRP_BICECREAM FlorianRoth/EQGRP_StoreFc FlorianRoth/EQGRP_BARPUNCH_BPICKER FlorianRoth/EQGRP_pandarock FlorianRoth/EQGRP_callbacks FlorianRoth/EQGRP_Unique_Strings FlorianRoth/EQGRP_RC5_RC6_Opcode FlorianRoth/Payload_Exe2Hex FlorianRoth/Empire_Get_SecurityPackages FlorianRoth/Empire_Invoke_EgressCheck FlorianRoth/Empire_PowerShell_Framework_Gen2 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/Certutil_Decode_OR_Download FlorianRoth/DeepPanda_htran_exe FlorianRoth/WaterBug_wipbot_2013_dll FlorianRoth/WaterBug_turla_dropper FlorianRoth/OPCLEAVER_BackDoorLogger FlorianRoth/OPCLEAVER_Jasus FlorianRoth/OPCLEAVER_NetC FlorianRoth/OPCLEAVER_ShellCreator2 FlorianRoth/OPCLEAVER_SmartCopy2 FlorianRoth/OPCLEAVER_SynFlooder FlorianRoth/OPCLEAVER_TinyZBot FlorianRoth/OPCLEAVER_ZhoupinExploitCrew FlorianRoth/OPCLEAVER_antivirusdetector FlorianRoth/OPCLEAVER_csext FlorianRoth/OPCLEAVER_kagent FlorianRoth/OPCLEAVER_mimikatzWrapper FlorianRoth/OPCLEAVER_pvz_in FlorianRoth/OPCLEAVER_pvz_out FlorianRoth/OPCLEAVER_wndTest FlorianRoth/OPCLEAVER_zhLookUp FlorianRoth/OPCLEAVER_zhmimikatz FlorianRoth/Mal_http_EXE FlorianRoth/skeleton_key_patcher FlorianRoth/skeleton_key_injected_code FlorianRoth/Invoke_mimikittenz FlorianRoth/Exploit_MS15_077_078 FlorianRoth/Casper_Included_Strings FlorianRoth/Casper_SystemInformation_Output FlorianRoth/APT_Liudoor FlorianRoth/IronPanda_Malware_Htran FlorianRoth/UACME_Akagi FlorianRoth/apt_equation_equationlaser_runtimeclasses FlorianRoth/apt_equation_cryptotable FlorianRoth/Recon_Commands_Windows_Gen1 FlorianRoth/Powerkatz_DLL_Generic FlorianRoth/StuxNet_Malware_1 FlorianRoth/RAT_AAR FlorianRoth/RAT_Adzok FlorianRoth/RAT_Ap0calypse FlorianRoth/RAT_Arcom FlorianRoth/RAT_BlackNix FlorianRoth/RAT_BlackShades FlorianRoth/RAT_BlueBanana FlorianRoth/RAT_Bozok FlorianRoth/RAT_ClientMesh FlorianRoth/RAT_CyberGate FlorianRoth/RAT_DarkComet FlorianRoth/RAT_DarkRAT FlorianRoth/RAT_Greame FlorianRoth/RAT_HawkEye FlorianRoth/RAT_Imminent FlorianRoth/RAT_Infinity FlorianRoth/RAT_JavaDropper FlorianRoth/RAT_LostDoor FlorianRoth/RAT_LuminosityLink FlorianRoth/RAT_LuxNet FlorianRoth/RAT_NanoCore FlorianRoth/RAT_Pandora FlorianRoth/RAT_Paradox FlorianRoth/RAT_Plasma FlorianRoth/RAT_PoisonIvy FlorianRoth/RAT_PredatorPain FlorianRoth/RAT_Punisher FlorianRoth/RAT_PythoRAT FlorianRoth/RAT_QRat FlorianRoth/RAT_ShadowTech FlorianRoth/RAT_SmallNet FlorianRoth/RAT_SpyGate FlorianRoth/RAT_Sub7Nation FlorianRoth/RAT_Vertex FlorianRoth/RAT_unrecom FlorianRoth/RAT_xRAT FlorianRoth/WoolenGoldfish_Generic_3 FlorianRoth/shimrat FlorianRoth/shimratreporter FlorianRoth/FVEY_ShadowBrokers_Jan17_Screen_Strings FlorianRoth/IMPLANT_3_v1 FlorianRoth/IMPLANT_4_v9 FlorianRoth/IMPLANT_5_v2 FlorianRoth/IMPLANT_5_v3 FlorianRoth/IMPLANT_5_v4 FlorianRoth/Unidentified_Malware_Two FlorianRoth/Locky_Ransomware FlorianRoth/APT_Project_Sauron_Scripts FlorianRoth/APT_Project_Sauron_arping_module FlorianRoth/APT_Project_Sauron_kblogi_module FlorianRoth/APT_Project_Sauron_basex_module FlorianRoth/APT_Project_Sauron_dext_module FlorianRoth/ChinaChopper_Generic FlorianRoth/Unit78020_Malware_Gen1 FlorianRoth/Trojan_Win32_PlaSrv FlorianRoth/Trojan_Win32_Platual FlorianRoth/Trojan_Win32_Plaplex FlorianRoth/Trojan_Win32_Dipsind_B FlorianRoth/Trojan_Win32_PlaKeylog_B FlorianRoth/Trojan_Win32_Adupib FlorianRoth/Trojan_Win32_PlaLsaLog FlorianRoth/Trojan_Win32_Plakelog FlorianRoth/Trojan_Win32_Plainst FlorianRoth/Trojan_Win32_Plagicom FlorianRoth/Trojan_Win32_Plaklog FlorianRoth/Trojan_Win32_Plapiio FlorianRoth/Trojan_Win32_Plabit FlorianRoth/Trojan_Win32_Placisc2 FlorianRoth/Trojan_Win32_Placisc3 FlorianRoth/Trojan_Win32_Placisc4 FlorianRoth/EquationGroup_elgingamble FlorianRoth/EquationGroup_sambal FlorianRoth/EquationGroup__jparsescan_parsescan_5 FlorianRoth/EquationGroup_noclient_3_3_2 FlorianRoth/EquationGroup_Toolset_Apr17_Gen2 FlorianRoth/EquationGroup_Toolset_Apr17_ntevt FlorianRoth/EquationGroup_Toolset_Apr17_msgkd_msslu64_msgki_mssld FlorianRoth/REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief FlorianRoth/REDLEAVES_CoreImplant_UniqueStrings FlorianRoth/PLUGX_RedLeaves FlorianRoth/Codoso_Gh0st_3 FlorianRoth/Codoso_Gh0st_1 FlorianRoth/Codoso_PGV_PVID_3 FlorianRoth/FiveEyes_QUERTY_Malwaresig_20123_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwareqwerty_20123 FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_dll FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwaresig_20121_cmdDef FlorianRoth/apt_hellsing_implantstrings
c061e86de8f940258d08c777e519aec1	ELF	2017-10-16 01:20:47		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
9dfa1c69a0ad63805b78bce8c102bd07	ELF	2017-10-16 01:20:49		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter
9659ddd08bf734a95d6c6d5b2f6efcba	ELF	2017-10-16 01:22:06		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
c425abe6c0450c7c3697acb0ff8fb502	ELF	2017-10-16 01:22:36		YRP/contentis_base64 YRP/domain YRP/Big_Numbers2 YRP/SHA512_Constants [+] YRP/BASE64_table FlorianRoth/Miari_2_May17
a70f34c7b470d09aee52b6ceacf600ca	ELF	2017-10-16 01:23:02		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
68d415c6623aaabf806f046b2bace9ea	ELF	2017-10-16 01:23:17		YRP/contentis_base64 YRP/url YRP/domain YRP/IP [+] YRP/BASE64_table
e9f2171c5a271206ea97f4148641babb	ELF	2017-10-16 01:24:59		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
c798f0dddfcb5e8104045fdf12175a2f	ELF	2017-10-16 01:25:03		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter
63cd63d51c2c0c497106d51af6774863	ELF	2017-10-16 01:25:22		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
f7fc755ad336216df475a3eb24c7bafe	ELF	2017-10-16 01:26:18		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table FlorianRoth/Miari_2_May17
bdae6517dbb49083a2698989b7a033ce	ELF	2017-10-16 01:26:45		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
063295f49d34bab80ddbe10e74a4c473	ELF	2017-10-16 01:27:24		YRP/contentis_base64 YRP/url YRP/domain YRP/IP [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter
37c81e56604c3c55dc652bddbce5229d	ELF	2017-10-16 01:28:26		YRP/contentis_base64 YRP/url YRP/domain YRP/IP [+] YRP/MD5_Constants YRP/BASE64_table
038dc9446bfd2be5dc56b41676555ab2	ELF	2017-10-16 01:28:30		YRP/contentis_base64 YRP/url YRP/domain YRP/IP [+] YRP/MD5_Constants YRP/BASE64_table
5acf77287f354df0128bd974a5fab0e9	ELF	2017-10-16 01:28:41		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
69660f141b43762f89ecd77d517a9cd4	ELF	2017-10-16 01:29:11		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
2515f47d747d42163e1b1a4fd563e288	ELF	2017-10-16 01:29:16		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
ab512d743e383ff10850680573ed52eb	ELF	2017-10-16 01:29:19		YRP/contentis_base64 YRP/url YRP/domain YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/android_meterpreter FlorianRoth/Miari_2_May17
36761a1ab4d346c8f1bddf1a8bc16e87	ELF	2017-10-16 01:30:09		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
71e45ccaa468c08d1427477376dbfb42	ELF	2017-10-16 01:30:23		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
d9044eb09fd2018e8f63b39d23693e5e	ELF	2017-10-16 01:30:57		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
e77ea6663a9fd4d2e3b6816daaeef004	ELF	2017-10-16 01:31:30		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
6678f9b7567b30697e2a3be4b60cae22	ELF	2017-10-16 01:32:19		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
fd3317e88545c7fbc821a58650c22ac2	ELF	2017-10-16 01:32:21		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
7f8ea9b390ccfe17f17080b8d5ca75fe	ELF	2017-10-16 01:33:03		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
9b8a2853c7c7191b424964215523816b	ELF	2017-10-16 01:33:11		YRP/domain YRP/contentis_base64 YRP/Big_Numbers2 YRP/RIPEMD160_Constants [+] YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
b3d26632c4077e731ef2da329974519d	ELF	2017-10-16 01:33:40		CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+] YRP/FeliksPack3___PHP_Shells_ssh YRP/blackhole2_jar YRP/blackhole2_jar2 YRP/blackhole2_jar3 YRP/blackhole2_pdf YRP/blackhole1_jar YRP/blackhole2_htm YRP/blackhole2_htm10 YRP/blackhole2_htm11 YRP/blackhole2_htm12 YRP/blackhole2_htm3 YRP/blackhole2_htm4 YRP/blackhole2_htm5 YRP/blackhole2_htm6 YRP/blackhole2_htm8 YRP/phoenix_html YRP/phoenix_html10 YRP/phoenix_html11 YRP/phoenix_html2 YRP/phoenix_html3 YRP/phoenix_html4 YRP/phoenix_html5 YRP/phoenix_html6 YRP/phoenix_html7 YRP/phoenix_html8 YRP/phoenix_html9 YRP/phoenix_jar YRP/phoenix_jar2 YRP/phoenix_jar3 YRP/phoenix_pdf YRP/phoenix_pdf2 YRP/phoenix_pdf3 YRP/sakura_jar YRP/sakura_jar2 YRP/eleonore_jar YRP/eleonore_jar2 YRP/eleonore_jar3 YRP/eleonore_js YRP/eleonore_js2 YRP/eleonore_js3 YRP/zerox88_js2 YRP/zerox88_js3 YRP/crimepack_jar YRP/crimepack_jar3 YRP/angler_flash YRP/angler_flash2 YRP/angler_flash4 YRP/angler_flash5 YRP/angler_flash_uncompressed YRP/angler_html YRP/angler_html2 YRP/angler_js YRP/bleedinglife2_adobe_2010_1297_exploit YRP/bleedinglife2_adobe_2010_2884_exploit YRP/bleedinglife2_jar2 YRP/bleedinglife2_java_2010_0842_exploit YRP/zeus_js YRP/fragus_htm YRP/fragus_js YRP/fragus_js2 YRP/fragus_js_flash YRP/fragus_js_java YRP/fragus_js_quicktime YRP/fragus_js_vml YRP/zeroaccess_css YRP/zeroaccess_css2 YRP/zeroaccess_htm YRP/zeroaccess_js YRP/zeroaccess_js2 YRP/zeroaccess_js3 YRP/zeroaccess_js4 YRP/possible_includes_base64_packed_functions YRP/silent_banker YRP/zbot YRP/Borland YRP/PESpinv04x YRP/email_Ukraine_power_attack_content YRP/davivienda YRP/with_attachment YRP/content YRP/CryptoWall_Resume_phish YRP/possible_exploit YRP/XDP_embedded_PDF YRP/Contains_hidden_PE_File_inside_a_sequence_of_numbers YRP/Contains_UserForm_Object YRP/powershell YRP/maldoc_API_hashing YRP/maldoc_indirect_function_call_1 YRP/maldoc_indirect_function_call_2 YRP/maldoc_indirect_function_call_3 YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/macrocheck YRP/malrtf_ole2link YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualPC_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/Dropper_Strings YRP/Base64d_PE YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__PEB YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/DebuggerHiding__Active YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__DrWatson YRP/SEH__v3 YRP/SEH__v4 YRP/SEH__vba YRP/SEH__vectored YRP/Check_Wine YRP/vmdetect YRP/WMI_VM_Detect YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antisb_sandboxie YRP/antivm_virtualbox YRP/antivm_vmware YRP/disable_antivirus YRP/disable_firewall YRP/disable_dep YRP/inject_thread YRP/create_service YRP/create_com_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_dyndns YRP/network_smtp_dotNet YRP/network_smtp_raw YRP/network_smtp_vb YRP/network_p2p_win YRP/network_irc YRP/network_http YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/network_dga YRP/bitcoin YRP/escalate_priv YRP/screenshot YRP/lookupip YRP/lookupgeo YRP/keylogger YRP/cred_local YRP/sniff_audio YRP/cred_ff YRP/cred_vnc YRP/cred_ie7 YRP/sniff_lan YRP/migrate_apc YRP/spreading_file YRP/spreading_share YRP/rat_vnc YRP/rat_rdp YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/vmdetect_misc YRP/genericSMS YRP/genericSMS2 YRP/dropper YRP/tachi YRP/android_meterpreter YRP/android_metasploit YRP/dowgin YRP/adware YRP/dropperMapin YRP/Mapin YRP/SlemBunk YRP/xbot007 YRP/moscow_fake YRP/marcher1 YRP/marcher2 YRP/marcher3 YRP/Trojan_Dendroid YRP/SpyNet YRP/smsfraud1 YRP/Mal_http_EXE YRP/cve_2013_0074 YRP/Linux_DirtyCow_Exploit YRP/Exploit_MS15_077_078 YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Prime_Constants_char YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32_table_lookup YRP/CRC32b_poly_Constant YRP/CRC16_table YRP/FlyUtilsCnDES_ECB_Encrypt YRP/FlyUtilsCnDES_ECB_Decrypt YRP/Elf_Hash YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/MD5_API YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/WHIRLPOOL_Constants YRP/Miracl_powmod YRP/Miracl_crt YRP/CryptoPP_a_exp_b_mod_c YRP/CryptoPP_modulo YRP/FGint_MontgomeryModExp YRP/FGint_FGIntModExp YRP/FGint_MulByInt YRP/FGint_DivMod YRP/FGint_FGIntDestroy YRP/FGint_Base10StringToGInt YRP/FGint_ConvertBase256to64 YRP/FGint_ConvertHexStringToBase256String YRP/FGint_Base256StringToGInt YRP/FGint_FGIntToBase256String YRP/FGint_ConvertBase256StringToHexString YRP/FGint_PGPConvertBase256to64 YRP/FGint_RSAEncrypt YRP/FGint_RsaDecrypt YRP/FGint_RSAVerify YRP/FGint_FindPrimeGoodCurveAndPoint YRP/FGint_ECElGamalEncrypt YRP/FGint_ECAddPoints YRP/FGint_ECPointKMultiple YRP/FGint_ECPointDestroy YRP/FGint_DSAPrimeSearch YRP/FGint_DSASign YRP/FGint_DSAVerify YRP/DES_Long YRP/DES_sbox YRP/DES_pbox_long YRP/OpenSSL_BN_mod_exp2_mont YRP/OpenSSL_BN_mod_exp_mont YRP/OpenSSL_BN_mod_exp_recp YRP/OpenSSL_BN_mod_exp_simple YRP/OpenSSL_BN_mod_exp_inverse YRP/OpenSSL_DSA YRP/FGint_RsaSign YRP/LockBox_RsaEncryptFile YRP/LockBox_DecryptRsaEx YRP/LockBox_EncryptRsaEx YRP/LockBox_TlbRsaKey YRP/BigDig_bpInit YRP/BigDig_mpModExp YRP/BigDig_mpModInv YRP/BigDig_mpModMult YRP/BigDig_mpModulo YRP/BigDig_spModExpB YRP/BigDig_spModInv YRP/BigDig_spModMult YRP/CryptoPP_ApplyFunction YRP/CryptoPP_RsaFunction YRP/CryptoPP_Integer_constructor YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_CHAR_inv YRP/RijnDael_AES_LONG YRP/RsaRef2_NN_modExp YRP/RsaRef2_NN_modInv YRP/RsaRef2_NN_modMult YRP/RsaRef2_RsaPrivateDecrypt YRP/RsaRef2_RsaPrivateEncrypt YRP/RsaRef2_RsaPublicDecrypt YRP/RsaRef2_RsaPublicEncrypt YRP/RsaEuro_NN_modInv YRP/RsaEuro_NN_modMult YRP/Miracl_Big_constructor YRP/Miracl_mirvar YRP/Miracl_mirsys_init YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_RandomRange YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_IntToStr YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Unknown_Random YRP/VC6_Random YRP/VC8_Random YRP/DCP_RIJNDAEL_Init YRP/DCP_RIJNDAEL_EncryptECB YRP/DCP_BLOWFISH_Init YRP/DCP_BLOWFISH_EncryptCBC YRP/DCP_DES_Init YRP/DCP_DES_EncryptECB YRP/TeslaCrypt YRP/Shifu YRP/WoolenGoldfish_Generic_3 YRP/Cerberus YRP/dump_sales_quote_payment YRP/dump_sales_order YRP/md5_64651cede2467fdeb1b3b7e6ff3f81cb YRP/md5_6bf4910b01aa4f296e590b75a3d25642 YRP/fopo_webshell YRP/eval_post YRP/spam_mailer YRP/md5_2c37d90dd2c9c743c273cb955dd83ef6 YRP/md5_3ccdd51fe616c08daafd601589182d38 YRP/md5_4b69af81b89ba444204680d506a8e0a1 YRP/md5_87cf8209494eedd936b28ff620e28780 YRP/md5_fb9e35bf367a106d18eb6aa0fe406437 YRP/md5_8e5f7f6523891a5dcefcbb1a79e5bbe9 YRP/eval_base64_decode_a YRP/md5_ab63230ee24a988a4a9245c2456e4874 YRP/md5_d30b23d1224438518d18e90c218d7c8b YRP/md5_24f2df1b9d49cfb02d8954b08dba471f YRP/md5_fd141197c89d27b30821f3de8627ac38 YRP/visbot YRP/md5_4c4b3d4ba5bce7191a5138efa2468679 YRP/md5_6eb201737a6ef3c4880ae0b8983398a9 YRP/md5_d201d61510f7889f1a47257d52b15fa2 YRP/md5_06e3ed58854daeacf1ed82c56a883b04 YRP/md5_28690a72362e021f65bb74eecc54255e YRP/fake_magentoupdate_site YRP/md5_4aa900ddd4f1848a15c61a9b7acd5035 YRP/glassrat YRP/iexpl0reCode YRP/iexpl0reStrings YRP/iexpl0re YRP/memory_pivy YRP/memory_shylock YRP/Cloaked_as_JPG YRP/rtf_yahoo_ken YRP/ZXProxy YRP/EmiratesStatement YRP/SpyGate_v2_9 YRP/qadars YRP/shylock YRP/spyeye YRP/spyeye_plugins YRP/callTogether_certificate YRP/qti_certificate YRP/DownExecute_A YRP/Pandora YRP/Base64_encoded_Executable YRP/Invoke_mimikittenz YRP/Bublik YRP/Derkziel YRP/EquationGroup_elgingamble YRP/EquationGroup_sambal YRP/EquationGroup__jparsescan_parsescan_5 YRP/EquationGroup_noclient_3_3_2 YRP/EquationGroup_Toolset_Apr17_Gen2 YRP/EquationGroup_Toolset_Apr17_ntevt YRP/EquationGroup_Toolset_Apr17_msgkd_msslu64_msgki_mssld YRP/LogPOS YRP/apt_regin_rc5key YRP/GEN_PowerShell YRP/moose YRP/function_through_object YRP/php_malfunctions YRP/php_obf_malfunctions YRP/fopo_obfuscator YRP/html_upload YRP/php_uname YRP/scriptkiddies YRP/apt_hellsing_implantstrings YRP/SharedStrings YRP/Njrat YRP/njrat1 YRP/network_traffic_njRAT YRP/Ransom_CryptXXX_Dropper YRP/Ransom_CryptXXX_Real YRP/WimmieShellcode YRP/WimmieStrings YRP/Wimmie YRP/XOR_DDosv1 YRP/KelihosHlux YRP/Wabot YRP/TROJAN_Notepad YRP/CrowdStrike_Shamoon_DroppedFile YRP/APT_bestia YRP/FavoriteCode YRP/FavoriteStrings YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/korlia YRP/APT_DeputyDog_Fexel YRP/onimiki YRP/backoff YRP/NaikonCode YRP/NaikonStrings YRP/Naikon YRP/PubSabCode YRP/PubSabStrings YRP/PubSab YRP/ChickenDOS_Linux YRP/DDosTf YRP/UACME_Akagi YRP/MacControlCode YRP/MacControlStrings YRP/MacControl YRP/CookiesStrings YRP/Cookies YRP/alina YRP/YayihCode YRP/YayihStrings YRP/Yayih YRP/MongalCode YRP/MongalStrings YRP/Mongal YRP/BoousetCode YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/StuxNet_Malware_1 YRP/Scieron YRP/IMulerCode YRP/IMulerStrings YRP/IMuler YRP/Furtim_nativeDLL YRP/GlassesCode YRP/Glasses YRP/EQGRP_create_dns_injection YRP/EQGRP_tunnel_state_reader YRP/EQGRP_eligiblecandidate YRP/EQGRP_sniffer_xml2pcap YRP/EQGRP_BananaAid YRP/EQGRP_shellcode YRP/EQGRP_jetplow_SH YRP/EQGRP_extrabacon YRP/EQGRP_sploit_py YRP/EQGRP_BICECREAM YRP/EQGRP_StoreFc YRP/EQGRP_BARPUNCH_BPICKER YRP/EQGRP_pandarock YRP/EQGRP_callbacks YRP/EQGRP_Unique_Strings YRP/EQGRP_RC5_RC6_Opcode YRP/GoziRule YRP/gh0st YRP/WarpCode YRP/WarpStrings YRP/Warp YRP/EnfalCode YRP/EnfalStrings YRP/Enfal YRP/QuarianStrings YRP/QuarianCode YRP/Quarian YRP/urausy_skype_dat YRP/AAR YRP/Ap0calypse YRP/Arcom YRP/BlackNix YRP/BlueBanana YRP/ClientMesh YRP/DarkRAT YRP/Greame YRP/HawkEye YRP/Imminent YRP/Infinity YRP/JavaDropper YRP/LostDoor YRP/LuminosityLink YRP/LuxNet YRP/NanoCore YRP/Paradox YRP/Plasma YRP/PredatorPain YRP/Punisher YRP/PythoRAT YRP/QRat YRP/SmallNet YRP/SpyGate YRP/Sub7Nation YRP/UPX YRP/Vertex YRP/unrecom YRP/T5000Strings YRP/T5000 YRP/Misdat_Backdoor YRP/SType_Backdoor YRP/Zlib_Backdoor YRP/Ransom_Satana YRP/Ransom_Satana_Dropper YRP/universal_1337_stealer_serveur YRP/PoisonIvy_2 YRP/ZhoupinExploitCrew YRP/BackDoorLogger YRP/Jasus YRP/NetC YRP/ShellCreator2 YRP/SmartCopy2 YRP/SynFlooder YRP/TinyZBot YRP/antivirusdetector YRP/csext YRP/kagent YRP/mimikatzWrapper YRP/pvz_in YRP/pvz_out YRP/wndTest YRP/zhCat YRP/zhLookUp YRP/zhmimikatz YRP/Zh0uSh311 YRP/OPCLEAVER_BackDoorLogger YRP/OPCLEAVER_Jasus YRP/OPCLEAVER_NetC YRP/OPCLEAVER_ShellCreator2 YRP/OPCLEAVER_SmartCopy2 YRP/OPCLEAVER_SynFlooder YRP/OPCLEAVER_TinyZBot YRP/OPCLEAVER_ZhoupinExploitCrew YRP/OPCLEAVER_antivirusdetector YRP/OPCLEAVER_csext YRP/OPCLEAVER_kagent YRP/OPCLEAVER_mimikatzWrapper YRP/OPCLEAVER_pvz_in YRP/OPCLEAVER_pvz_out YRP/OPCLEAVER_wndTest YRP/OPCLEAVER_zhLookUp YRP/OPCLEAVER_zhmimikatz YRP/Bolonyokte YRP/LinuxAESDDoS YRP/LinuxBillGates YRP/LinuxElknot YRP/LinuxMrBlack YRP/LinuxTsunami YRP/rootkit YRP/exploit YRP/ldpreload YRP/Locky_Ransomware YRP/Locky_Ransomware_2 YRP/BlackRev YRP/Retefe YRP/EzcobStrings YRP/Ezcob YRP/BlackShades2 YRP/BlackShades_4 YRP/BlackShades YRP/BlackShades_25052015 YRP/Tedroo YRP/Molerats_certs YRP/RSharedStrings YRP/GmRemoteStrings YRP/GmRemote YRP/SurtrStrings YRP/SurtrCode YRP/Surtr YRP/KeyBoy_Dropper YRP/KeyBoy_Backdoor YRP/Payload_Exe2Hex YRP/Codoso_Gh0st_3 YRP/Codoso_Gh0st_1 YRP/Codoso_PGV_PVID_3 YRP/Win32Toxic YRP/Crimson YRP/Havex_Trojan_PHP_Server YRP/CSIT_14003_03 YRP/turla_dropper YRP/nAspyUpdateCode YRP/nAspyUpdateStrings YRP/nAspyUpdate YRP/Cythosia YRP/Powerkatz_DLL_Generic YRP/APT_Win_Pipcreat YRP/NSFreeCode YRP/NSFreeStrings YRP/NSFree YRP/Careto_OSX_SBD YRP/Careto_CnC YRP/Careto_CnC_domains YRP/apt_nix_elf_Derusbi_Linux_SharedMemCreation YRP/apt_nix_elf_Derusbi_Linux_Strings YRP/Trojan_Derusbi YRP/APT_Derusbi_DeepPanda YRP/APT_Derusbi_Gen YRP/shimrat YRP/shimratreporter YRP/APT_Hikit_msrv YRP/RooterCode YRP/Rooter YRP/RookieStrings YRP/Rookie YRP/sinlesspleasure_com YRP/amasty_biz YRP/amasty_biz_js YRP/cloudfusion_me YRP/grelos_v YRP/hacked_domains YRP/jquery_code_su YRP/jquery_code_su_multi YRP/Trafficanalyzer_js YRP/atob_js YRP/googieplay_js YRP/mag_php_js YRP/thetech_org_js YRP/md5_cdn_js_link_js YRP/sendsafe YRP/BangatCode YRP/BangatStrings YRP/Bangat YRP/apt_c16_win_memory_pcclient YRP/apt_c16_win_wateringhole YRP/Worm_Gamarue YRP/StegoKatz YRP/FiveEyes_QUERTY_Malwaresig_20123_cmdDef YRP/FiveEyes_QUERTY_Malwareqwerty_20123 YRP/FiveEyes_QUERTY_Malwaresig_20120_dll YRP/FiveEyes_QUERTY_Malwaresig_20120_cmdDef YRP/FiveEyes_QUERTY_Malwaresig_20121_cmdDef YRP/legion_777 YRP/APT3102Code YRP/apt_equation_equationlaser_runtimeclasses YRP/apt_equation_cryptotable YRP/with_sqlite YRP/AthenaHTTP YRP/AthenaHTTP_v2 YRP/AthenaIRC YRP/APT_NGO_wuaclt YRP/Meterpreter_Reverse_Tcp YRP/genome YRP/APT9002Code YRP/APT9002Strings YRP/APT9002 YRP/WaterBug_wipbot_2013_dll YRP/WaterBug_turla_dropper YRP/Ransom_Alpha YRP/Ransom_Alfa YRP/Ransom YRP/Insta11Code YRP/Insta11Strings YRP/Insta11 YRP/Casper_Included_Strings YRP/Casper_SystemInformation_Output YRP/suspicious_packer_section YRP/Hsdfihdf YRP/DarkComet_2 YRP/DarkComet_3 YRP/DarkComet_4 YRP/Grozlex YRP/CryptoLocker_set1 YRP/CryptoLocker_rule2 YRP/BackdoorFCKG YRP/Empire_Get_SecurityPackages YRP/Empire_Invoke_EgressCheck YRP/Empire_PowerShell_Framework_Gen2 YRP/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen YRP/CyberGate YRP/Intel_Virtualization_Wizard_exe YRP/Intel_Virtualization_Wizard_dll YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/CGISscan_CGIScan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/WCE_Modified_1_1014 YRP/BypassUac_3 YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_Burst_Blast YRP/Jc_WinEggDrop_Shell YRP/LinuxHacktool_eyes_pscan2 YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/VSSown_VBS YRP/LIGHTDART_APT1 YRP/AURIGA_APT1 YRP/BANGAT_APT1 YRP/BISCUIT_GREENCAT_APT1 YRP/BOUNCER_APT1 YRP/BOUNCER_DLL_APT1 YRP/CALENDAR_APT1 YRP/COMBOS_APT1 YRP/DAIRY_APT1 YRP/GLOOXMAIL_APT1 YRP/GOGGLES_APT1 YRP/HACKSFASE1_APT1 YRP/HACKSFASE2_APT1 YRP/KURTON_APT1 YRP/MACROMAIL_APT1 YRP/MANITSME_APT1 YRP/MINIASP_APT1 YRP/NEWSREELS_APT1 YRP/SEASALT_APT1 YRP/STARSYPOUND_APT1 YRP/SWORD_APT1 YRP/thequickbrow_APT1 YRP/TABMSGSQL_APT1 YRP/CCREWBACK1 YRP/TrojanCookies_CCREW YRP/GEN_CCREW1 YRP/Elise YRP/EclipseSunCloudRAT YRP/MoonProject YRP/ccrewDownloader1 YRP/ccrewDownloader2 YRP/ccrewMiniasp YRP/ccrewSSLBack2 YRP/ccrewSSLBack3 YRP/ccrewSSLBack1 YRP/ccrewDownloader3 YRP/ccrewQAZ YRP/metaxcd YRP/MiniASP YRP/DownloaderPossibleCCrew YRP/APT1_LIGHTBOLT YRP/APT1_GETMAIL YRP/APT1_GDOCUPLOAD YRP/APT1_WEBC2_Y21K YRP/APT1_WEBC2_YAHOO YRP/APT1_WEBC2_UGX YRP/APT1_WEBC2_TOCK YRP/APT1_WEBC2_RAVE YRP/APT1_WEBC2_QBP YRP/APT1_WEBC2_HEAD YRP/APT1_WEBC2_GREENCAT YRP/APT1_WEBC2_DIV YRP/APT1_WEBC2_CSON YRP/APT1_WEBC2_CLOVER YRP/APT1_WEBC2_BOLID YRP/APT1_WEBC2_ADSPACE YRP/APT1_WEBC2_AUSOV YRP/APT1_WARP YRP/APT1_TARSIP_ECLIPSE YRP/APT1_TARSIP_MOON YRP/APT1_RARSilent_EXE_PDF YRP/APT1_aspnetreport YRP/APT1_Revird_svc YRP/APT1_dbg_mess YRP/APT1_known_malicious_RARSilent YRP/ShadowTech YRP/SafeNetCode YRP/SafeNetStrings YRP/SafeNet YRP/RegSubDatStrings YRP/RegSubDat YRP/Zegost YRP/gholeeV1 YRP/MW_gholee_v1 YRP/NetpassStrings YRP/NetPass YRP/NetTravStrings YRP/NetTravExports YRP/NetTraveler YRP/FVEY_ShadowBrokers_Jan17_Screen_Strings YRP/NetWiredRC_B YRP/cxpidStrings YRP/cxpidCode YRP/Spora YRP/unk_packer YRP/zoxPNG_RAT YRP/xtreme_rat YRP/XtremeRATCode YRP/XtremeRATStrings YRP/XtremeRAT YRP/xtremrat YRP/Mozart YRP/IndiaCharlie_One YRP/IndiaCharlie_Two YRP/RomeoEcho YRP/DeltaCharlie YRP/PapaAlfa YRP/IndiaAlfa_One YRP/DestructiveTargetCleaningTool5 YRP/DestructiveTargetCleaningTool6 YRP/Malwareusedbycyberthreatactor1 YRP/WhiskeyAlfa YRP/SierraBravo_packed YRP/LimaCharlie YRP/RomeoJuliettMikeTwo YRP/SierraCharlie YRP/RomeoCharlie YRP/IndiaBravo_PapaAlfa YRP/IndiaBravo_RomeoCharlie YRP/IndiaBravo_RomeoBravo YRP/IndiaBravo_generic YRP/TangoAlfa YRP/wiper_unique_strings YRP/wiper_encoded_strings YRP/createP2P YRP/WhiskeyDelta YRP/REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief YRP/REDLEAVES_CoreImplant_UniqueStrings YRP/PLUGX_RedLeaves YRP/diamond_fox YRP/LuckyCatCode YRP/OlyxCode YRP/OlyxStrings YRP/Olyx YRP/cerber3 YRP/cerber4 YRP/cerber5 YRP/VidgrabStrings YRP/Vidgrab YRP/PlugXStrings YRP/plugX YRP/lost_door YRP/ScarhiknStrings YRP/ScarhiknCode YRP/Scarhikn YRP/Tinba2 YRP/MirageStrings YRP/Mirage YRP/Mirage_APT YRP/IronTiger_ASPXSpy YRP/IronTiger_wmiexec YRP/IronPanda_Malware_Htran YRP/citadel13xy YRP/Citadel_Malware YRP/Trojan_Win32_PlaSrv YRP/Trojan_Win32_Platual YRP/Trojan_Win32_Plaplex YRP/Trojan_Win32_Dipsind_B YRP/Trojan_Win32_PlaKeylog_B YRP/Trojan_Win32_Adupib YRP/Trojan_Win32_PlaLsaLog YRP/Trojan_Win32_Plakelog YRP/Trojan_Win32_Plainst YRP/Trojan_Win32_Plagicom YRP/Trojan_Win32_Plaklog YRP/Trojan_Win32_Plapiio YRP/Trojan_Win32_Plabit YRP/Trojan_Win32_Placisc2 YRP/Trojan_Win32_Placisc3 YRP/Trojan_Win32_Placisc4 YRP/Adzok YRP/CAP_HookExKeylogger YRP/TerminatorRat YRP/TROJAN_Notepad_shell_crew YRP/IMPLANT_3_v1 YRP/IMPLANT_4_v9 YRP/IMPLANT_5_v2 YRP/IMPLANT_5_v3 YRP/IMPLANT_5_v4 YRP/Unidentified_Malware_Two YRP/pony YRP/TreasureHunt YRP/easterjackpos YRP/Ransom_Petya YRP/Odinaff_swift YRP/Mirai_Generic_Arch YRP/Mirai_MIPS_LSB YRP/Mirai_MIPS_MSB YRP/Mirai_ARM_LSB YRP/Mirai_Renesas_SH YRP/Mirai_PPC_Cisco YRP/Mirai_SPARC_MSB YRP/Mirai_4 YRP/Mirai_Dwnl YRP/Mirai_5 YRP/OpClandestineWolf YRP/xRAT20 YRP/dexter_strings YRP/liudoor YRP/BlackWorm YRP/BernhardPOS YRP/Bozok YRP/WinntiPharma YRP/Unit78020_Malware_Gen1 YRP/DMALocker YRP/DMALocker4 YRP/lateral_movement YRP/xRAT YRP/ELF_Linux_Torte YRP/ELF_Linux_Torte_domains YRP/skeleton_key_patcher YRP/skeleton_key_injected_code KevTheHermit/Paradox KevTheHermit/Bozok KevTheHermit/ClientMesh KevTheHermit/unrecom KevTheHermit/DarkRAT KevTheHermit/Greame KevTheHermit/JavaDropper KevTheHermit/Infinity KevTheHermit/Arcom KevTheHermit/LostDoor KevTheHermit/BlackShades KevTheHermit/PoisonIvy KevTheHermit/Punisher KevTheHermit/Sub7Nation KevTheHermit/BlueBanana KevTheHermit/PythoRAT KevTheHermit/AAR KevTheHermit/LuminosityLink KevTheHermit/Crimson KevTheHermit/NanoCore KevTheHermit/LuxNet KevTheHermit/SpyGate KevTheHermit/BlackNix KevTheHermit/SmallNet KevTheHermit/CyberGate KevTheHermit/xRAT KevTheHermit/DarkComet KevTheHermit/Pandora KevTheHermit/Imminent KevTheHermit/Ap0calypse KevTheHermit/Adzok KevTheHermit/ShadowTech KevTheHermit/Vertex KevTheHermit/HawkEye FlorianRoth/Exploit_MS15_077_078 FlorianRoth/Empire_Get_SecurityPackages FlorianRoth/Empire_Invoke_EgressCheck FlorianRoth/Empire_PowerShell_Framework_Gen2 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/FiveEyes_QUERTY_Malwaresig_20123_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwareqwerty_20123 FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_dll FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwaresig_20121_cmdDef FlorianRoth/Mal_http_EXE FlorianRoth/EQGRP_create_dns_injection FlorianRoth/EQGRP_tunnel_state_reader FlorianRoth/EQGRP_eligiblecandidate FlorianRoth/EQGRP_sniffer_xml2pcap FlorianRoth/EQGRP_BananaAid FlorianRoth/EQGRP_shellcode FlorianRoth/EQGRP_jetplow_SH FlorianRoth/EQGRP_extrabacon FlorianRoth/EQGRP_sploit_py FlorianRoth/EQGRP_BICECREAM FlorianRoth/EQGRP_StoreFc FlorianRoth/EQGRP_BARPUNCH_BPICKER FlorianRoth/EQGRP_pandarock FlorianRoth/EQGRP_callbacks FlorianRoth/EQGRP_Unique_Strings FlorianRoth/EQGRP_RC5_RC6_Opcode FlorianRoth/OPCLEAVER_BackDoorLogger FlorianRoth/OPCLEAVER_Jasus FlorianRoth/OPCLEAVER_NetC FlorianRoth/OPCLEAVER_ShellCreator2 FlorianRoth/OPCLEAVER_SmartCopy2 FlorianRoth/OPCLEAVER_SynFlooder FlorianRoth/OPCLEAVER_TinyZBot FlorianRoth/OPCLEAVER_ZhoupinExploitCrew FlorianRoth/OPCLEAVER_antivirusdetector FlorianRoth/OPCLEAVER_csext FlorianRoth/OPCLEAVER_kagent FlorianRoth/OPCLEAVER_mimikatzWrapper FlorianRoth/OPCLEAVER_pvz_in FlorianRoth/OPCLEAVER_pvz_out FlorianRoth/OPCLEAVER_wndTest FlorianRoth/OPCLEAVER_zhLookUp FlorianRoth/OPCLEAVER_zhmimikatz FlorianRoth/RAT_AAR FlorianRoth/RAT_Adzok FlorianRoth/RAT_Ap0calypse FlorianRoth/RAT_Arcom FlorianRoth/RAT_BlackNix FlorianRoth/RAT_BlackShades FlorianRoth/RAT_BlueBanana FlorianRoth/RAT_Bozok FlorianRoth/RAT_ClientMesh FlorianRoth/RAT_CyberGate FlorianRoth/RAT_DarkComet FlorianRoth/RAT_DarkRAT FlorianRoth/RAT_Greame FlorianRoth/RAT_HawkEye FlorianRoth/RAT_Imminent FlorianRoth/RAT_Infinity FlorianRoth/RAT_JavaDropper FlorianRoth/RAT_LostDoor FlorianRoth/RAT_LuminosityLink FlorianRoth/RAT_LuxNet FlorianRoth/RAT_NanoCore FlorianRoth/RAT_Pandora FlorianRoth/RAT_Paradox FlorianRoth/RAT_Plasma FlorianRoth/RAT_PoisonIvy FlorianRoth/RAT_PredatorPain FlorianRoth/RAT_Punisher FlorianRoth/RAT_PythoRAT FlorianRoth/RAT_QRat FlorianRoth/RAT_ShadowTech FlorianRoth/RAT_SmallNet FlorianRoth/RAT_SpyGate FlorianRoth/RAT_Sub7Nation FlorianRoth/RAT_Vertex FlorianRoth/RAT_unrecom FlorianRoth/RAT_xRAT FlorianRoth/ZxShell_Jul17 FlorianRoth/Casper_Included_Strings FlorianRoth/Casper_SystemInformation_Output FlorianRoth/Recon_Commands_Windows_Gen1 FlorianRoth/FVEY_ShadowBrokers_Jan17_Screen_Strings FlorianRoth/Furtim_nativeDLL FlorianRoth/EquationGroup_elgingamble FlorianRoth/EquationGroup_sambal FlorianRoth/EquationGroup__jparsescan_parsescan_5 FlorianRoth/EquationGroup_noclient_3_3_2 FlorianRoth/EquationGroup_Toolset_Apr17_Gen2 FlorianRoth/EquationGroup_Toolset_Apr17_ntevt FlorianRoth/EquationGroup_Toolset_Apr17_msgkd_msslu64_msgki_mssld FlorianRoth/skeleton_key_patcher FlorianRoth/skeleton_key_injected_code FlorianRoth/Unit78020_Malware_Gen1 FlorianRoth/apt_ProjectSauron_encryption FlorianRoth/APT_Liudoor FlorianRoth/Certutil_Decode_OR_Download FlorianRoth/IronPanda_Malware_Htran FlorianRoth/Locky_Ransomware FlorianRoth/DeepPanda_htran_exe FlorianRoth/apt_equation_equationlaser_runtimeclasses FlorianRoth/apt_equation_cryptotable FlorianRoth/CrowdStrike_Shamoon_DroppedFile FlorianRoth/ChinaChopper_Generic FlorianRoth/Payload_Exe2Hex FlorianRoth/WaterBug_wipbot_2013_dll FlorianRoth/WaterBug_turla_dropper FlorianRoth/apt_hellsing_implantstrings FlorianRoth/IMPLANT_3_v1 FlorianRoth/IMPLANT_4_v9 FlorianRoth/IMPLANT_5_v2 FlorianRoth/IMPLANT_5_v3 FlorianRoth/IMPLANT_5_v4 FlorianRoth/Unidentified_Malware_Two FlorianRoth/BernhardPOS FlorianRoth/StuxNet_Malware_1 FlorianRoth/APT_Project_Sauron_Scripts FlorianRoth/APT_Project_Sauron_arping_module FlorianRoth/APT_Project_Sauron_kblogi_module FlorianRoth/APT_Project_Sauron_basex_module FlorianRoth/APT_Project_Sauron_dext_module FlorianRoth/UACME_Akagi FlorianRoth/REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief FlorianRoth/REDLEAVES_CoreImplant_UniqueStrings FlorianRoth/PLUGX_RedLeaves FlorianRoth/Invoke_mimikittenz FlorianRoth/Codoso_Gh0st_3 FlorianRoth/Codoso_Gh0st_1 FlorianRoth/Codoso_PGV_PVID_3 FlorianRoth/shimrat FlorianRoth/shimratreporter FlorianRoth/WoolenGoldfish_Generic_3 FlorianRoth/apt_nix_elf_Derusbi_Linux_SharedMemCreation FlorianRoth/apt_nix_elf_Derusbi_Linux_Strings FlorianRoth/Powerkatz_DLL_Generic FlorianRoth/apt_RU_MoonlightMaze_customlokitools FlorianRoth/apt_RU_MoonlightMaze_customsniffer FlorianRoth/loki2crypto FlorianRoth/apt_RU_MoonlightMaze_cle_tool FlorianRoth/apt_RU_MoonlightMaze_xk_keylogger FlorianRoth/apt_RU_MoonlightMaze_IRIX_exploit_GEN FlorianRoth/apt_RU_MoonlightMaze_u_logcleaner FlorianRoth/apt_RU_MoonlightMaze_wipe FlorianRoth/Trojan_Win32_PlaSrv FlorianRoth/Trojan_Win32_Platual FlorianRoth/Trojan_Win32_Plaplex FlorianRoth/Trojan_Win32_Dipsind_B FlorianRoth/Trojan_Win32_PlaKeylog_B FlorianRoth/Trojan_Win32_Adupib FlorianRoth/Trojan_Win32_PlaLsaLog FlorianRoth/Trojan_Win32_Plakelog FlorianRoth/Trojan_Win32_Plainst FlorianRoth/Trojan_Win32_Plagicom FlorianRoth/Trojan_Win32_Plaklog FlorianRoth/Trojan_Win32_Plapiio FlorianRoth/Trojan_Win32_Plabit FlorianRoth/Trojan_Win32_Placisc2 FlorianRoth/Trojan_Win32_Placisc3 FlorianRoth/Trojan_Win32_Placisc4
844eff1b38dac96bfc7073cce0593015	ELF	2017-10-16 01:34:00		YRP/domain YRP/contentis_base64 YRP/Big_Numbers2 YRP/RIPEMD160_Constants [+] YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
1a0bbb85f7dac4160c8dad0a7f8b2eff	ELF	2017-10-16 01:34:11		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5
163effe620b931b5dc78ed0ff2893804	ELF	2017-10-16 01:34:52		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
45947c89cc3c9ed181ee8ad4aea428d6	ELF	2017-10-16 01:35:28		YRP/domain YRP/contentis_base64 YRP/Big_Numbers2 YRP/MD5_Constants [+] YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
088ecbefcea845fbb86dfc806a45cb88	ELF	2017-10-16 01:35:42		YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers2 [+] YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
77194cdb48e9be15d16cd30263c1f6dc	ELF	2017-10-16 01:35:52		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
28cbdea898a83418de4271d0d817c4c9	ELF	2017-10-16 01:36:24		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
f046952a471515c7960476fdebfd51b2	ELF	2017-10-16 01:36:54		YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 [+] YRP/android_meterpreter YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5
a70657d7d85dda11bb388f0e46279799	ELF	2017-10-16 01:37:06		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
655de51154a60d9386840d17c37b8c82	ELF	2017-10-16 01:37:10		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5
24734ef952fe363415cd4c2f7322276f	ELF	2017-10-16 01:37:29		CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api CuckooSandbox/vmdetect [+] YRP/webshell_iMHaPFtp_2 YRP/webshell_caidao_shell_guo YRP/webshell_cihshell_fix YRP/webshell_asp_EFSO_2 YRP/webshell_caidao_shell_ice_2 YRP/webshell_asp_ice YRP/webshell_asp_404 YRP/webshell_webshell_cnseay02_1 YRP/webshell_php_fbi YRP/webshell_B374kPHP_B374k YRP/webshell_caidao_shell_404 YRP/webshell_ASP_aspydrv YRP/webshell_Dx_Dx YRP/webshell_MySQL_Web_Interface_Version_0_8 YRP/webshell_wsb_idc YRP/webshell_webshell_cnseay_x YRP/webshell_phpkit_0_1a_odd YRP/webshell_Java_Shell YRP/webshell_simple_backdoor YRP/webshell_PHP_c37 YRP/webshell_PHP_b37 YRP/webshell_ghost_source_icesword_silic YRP/webshell_gfs_sh_r57shell_r57shell127_SnIpEr_SA_xxx YRP/webshell_itsec_PHPJackal_itsecteam_shell_jHn YRP/webshell_phpspy_2005_full_phpspy_2005_lite_phpspy_2006_PHPSPY YRP/webshell_webshells_new_con2 YRP/webshell_Expdoor_com_ASP YRP/webshell_webshells_new_php2 YRP/webshell_bypass_iisuser_p YRP/webshell_sig_404super YRP/webshell_webshells_new_JSP YRP/webshell_dev_core YRP/webshell_webshells_new_pHp YRP/webshell_webshells_new_pppp YRP/webshell_webshells_new_code YRP/webshell_webshells_new_xxxx YRP/webshell_webshells_new_PHP1 YRP/webshell_webshells_new_php6 YRP/webshell_GetPostpHp YRP/webshell_webshells_new_php5 YRP/perlbot_pl YRP/php_backdoor_php YRP/Liz0ziM_Private_Safe_Mode_Command_Execuriton_Bypass_Exploit_php YRP/shankar_php_php YRP/Casus15_php_php YRP/small_php_php YRP/shellbot_pl YRP/fuckphpshell_php YRP/ngh_php_php YRP/jsp_reverse_jsp YRP/Tool_asp YRP/NT_Addy_asp YRP/SimAttacker___Vrsion_1_0_0___priv8_4_My_friend_php YRP/phvayvv_php_php YRP/r57shell_php_php YRP/rst_sql_php_php YRP/wh_bindshell_py YRP/lurm_safemod_on_cgi YRP/c99madshell_v2_0_php_php YRP/w3d_php_php YRP/WinX_Shell_html YRP/Dx_php_php YRP/csh_php_php YRP/pHpINJ_php_php YRP/sig_2008_php_php YRP/ak74shell_php_php YRP/Rem_View_php_php YRP/STNC_php_php YRP/aZRaiLPhp_v1_0_php YRP/zacosmall_php YRP/CmdAsp_asp YRP/simple_backdoor_php YRP/mysql_shell_php YRP/Dive_Shell_1_0___Emperor_Hacking_Team_php YRP/Asmodeus_v0_1_pl YRP/Reader_asp YRP/phpshell17_php YRP/SimShell_1_0___Simorgh_Security_MGZ_php YRP/jspshall_jsp YRP/rootshell_php YRP/connectback2_pl YRP/shells_PHP_wso YRP/backdoor1_php YRP/elmaliseker_asp YRP/s72_Shell_v1_1_Coding_html YRP/hidshell_php_php YRP/kacak_asp YRP/PHP_Backdoor_Connect_pl_php YRP/Antichat_Socks5_Server_php_php YRP/Antichat_Shell_v1_3_php YRP/Safe_Mode_Bypass_PHP_4_4_2_and_PHP_5_1_2_php YRP/cyberlords_sql_php_php YRP/Ayyildiz_Tim___AYT__Shell_v_2_1_Biz_html YRP/EFSO_2_asp YRP/lamashell_php YRP/Ajax_PHP_Command_Shell_php YRP/JspWebshell_1_2_jsp YRP/Sincap_php_php YRP/sh_php_php YRP/phpjackal_php YRP/sql_php_php YRP/cgi_python_py YRP/telnetd_pl YRP/php_include_w_shell_php YRP/Safe0ver_Shell__Safe_Mod_Bypass_By_Evilc0der_php YRP/shell_php_php YRP/telnet_cgi YRP/ironshell_php YRP/backdoorfr_php YRP/aspydrv_asp YRP/cmdjsp_jsp YRP/h4ntu_shell__powered_by_tsoi_ YRP/Ajan_asp YRP/PHANTASMA_php YRP/MySQL_Web_Interface_Version_0_8_php YRP/multiple_webshells_0002 YRP/multiple_webshells_0003 YRP/multiple_webshells_0005 YRP/multiple_webshells_0010 YRP/multiple_webshells_0015 YRP/multiple_webshells_0016 YRP/multiple_php_webshells YRP/multiple_webshells_0019 YRP/multiple_webshells_0022 YRP/multiple_webshells_0030 YRP/multiple_webshells_0031 YRP/PHP_Cloaked_Webshell_SuperFetchExec YRP/WebShell_simattacker YRP/WebShell_b374k_mini_shell_php_php YRP/WebShell_b374k_php YRP/WebShell_SimAttacker___Vrsion_1_0_0___priv8_4_My_friend YRP/WebShell_h4ntu_shell__powered_by_tsoi_ YRP/WebShell_php_webshells_MyShell YRP/WebShell_Liz0ziM_Private_Safe_Mode_Command_Execuriton_Bypass_Exploit YRP/WebShell_php_backdoor YRP/WebShell_php_webshells_pHpINJ YRP/WebShell_php_webshells_NGH YRP/WebShell_php_webshells_matamu YRP/WebShell_ru24_post_sh YRP/WebShell_hiddens_shell_v1 YRP/WebShell_safe0ver YRP/WebShell_lamashell YRP/WebShell_Simple_PHP_backdoor_by_DK YRP/WebShell_AK_74_Security_Team_Web_Shell_Beta_Version YRP/WebShell_qsd_php_backdoor YRP/WebShell_Ayyildiz_Tim___AYT__Shell_v_2_1_Biz YRP/WebShell_WinX_Shell YRP/WebShell_php_include_w_shell YRP/WebShell_PhpSpy_Ver_2006 YRP/WebShell_go_shell YRP/WebShell_zehir4_asp_php YRP/WebShell_CasuS_1_5 YRP/WebShell__findsock_php_findsock_shell_php_reverse_shell YRP/Unpack_Injectt YRP/FeliksPack3___PHP_Shells_ssh YRP/bin_Client YRP/ZXshell2_0_rar_Folder_ZXshell YRP/RkNTLoad YRP/binder2_binder2 YRP/thelast_orice2 YRP/sendmail YRP/FSO_s_zehir4 YRP/hkshell_hkshell YRP/DarkSpy105 YRP/EditServer_Webshell YRP/FSO_s_reader YRP/svchostdll YRP/HYTop_DevPack_server YRP/vanquish YRP/BIN_Client YRP/Simple_PHP_BackDooR YRP/hkshell_hkrmv YRP/FeliksPack3___PHP_Shells_phpft YRP/bdcli100 YRP/rdrbs084 YRP/HYTop_CaseSwitch_2005 YRP/FSO_s_casus15_2 YRP/installer YRP/elmaliseker YRP/shelltools_g0t_root_resolve YRP/shelltools_g0t_root_Fport YRP/HYTop_DevPack_upload YRP/PasswordReminder YRP/rknt_zip_Folder_RkNT YRP/dbgntboot YRP/PHP_shell YRP/rdrbs100 YRP/Mithril_Mithril YRP/hkdoordll YRP/Mithril_v1_45_dllTest YRP/dbgiis6cli YRP/Debug_cress YRP/FeliksPack3___PHP_Shells_usr YRP/FSO_s_phpinj YRP/xssshell_db YRP/EditServer_Webshell_2 YRP/by064cli YRP/Mithril_dllTest YRP/connector YRP/shelltools_g0t_root_HideRun YRP/regshell YRP/PHP_Shell_v1_7 YRP/xssshell_save YRP/screencap YRP/ZXshell2_0_rar_Folder_zxrecv YRP/_root_040_zip_Folder_deploy YRP/by063cli YRP/icyfox007v1_10_rar_Folder_asp YRP/byshell063_ntboot_2 YRP/shelltools_g0t_root_xwhois YRP/vanquish_2 YRP/ZXshell2_0_rar_Folder_nc YRP/BIN_Server YRP/HYTop2006_rar_Folder_2006 YRP/HDConfig YRP/Pastebin_Webshell YRP/chinese_spam_echoer YRP/blackhole2_jar YRP/blackhole2_jar2 YRP/blackhole2_jar3 YRP/blackhole2_pdf YRP/blackhole1_jar YRP/blackhole2_htm YRP/blackhole2_htm10 YRP/blackhole2_htm11 YRP/blackhole2_htm12 YRP/blackhole2_htm3 YRP/blackhole2_htm4 YRP/blackhole2_htm5 YRP/blackhole2_htm6 YRP/blackhole2_htm8 YRP/phoenix_html YRP/phoenix_html10 YRP/phoenix_html11 YRP/phoenix_html2 YRP/phoenix_html3 YRP/phoenix_html4 YRP/phoenix_html5 YRP/phoenix_html6 YRP/phoenix_html7 YRP/phoenix_html8 YRP/phoenix_html9 YRP/phoenix_jar YRP/phoenix_jar2 YRP/phoenix_jar3 YRP/phoenix_pdf YRP/phoenix_pdf2 YRP/phoenix_pdf3 YRP/sakura_jar YRP/sakura_jar2 YRP/eleonore_jar YRP/eleonore_jar2 YRP/eleonore_jar3 YRP/eleonore_js YRP/eleonore_js2 YRP/eleonore_js3 YRP/zerox88_js2 YRP/zerox88_js3 YRP/crimepack_jar YRP/crimepack_jar3 YRP/angler_flash YRP/angler_flash2 YRP/angler_flash4 YRP/angler_flash5 YRP/angler_flash_uncompressed YRP/angler_html YRP/angler_html2 YRP/angler_js YRP/bleedinglife2_adobe_2010_1297_exploit YRP/bleedinglife2_adobe_2010_2884_exploit YRP/bleedinglife2_jar2 YRP/bleedinglife2_java_2010_0842_exploit YRP/zeus_js YRP/fragus_htm YRP/fragus_js YRP/fragus_js2 YRP/fragus_js_flash YRP/fragus_js_java YRP/fragus_js_quicktime YRP/fragus_js_vml YRP/zeroaccess_css YRP/zeroaccess_css2 YRP/zeroaccess_htm YRP/zeroaccess_js YRP/zeroaccess_js2 YRP/zeroaccess_js3 YRP/zeroaccess_js4 YRP/possible_includes_base64_packed_functions YRP/silent_banker YRP/zbot YRP/Borland YRP/EnigmaProtector1XSukhovVladimirSergeNMarkin YRP/SPLayerv008 YRP/eXPressorv13CGSoftLabs YRP/Upackv032BetaDwing YRP/WiseInstallerStub YRP/AnskyaNTPackerGeneratorAnskya YRP/NsPack14byNorthStarLiuXingPing YRP/EmbedPEV100V124cyclotron YRP/SetupFactoryv6003SetupLauncher YRP/IMPPacker10MahdiHezavehiIMPOSTER YRP/PEProtectv09 YRP/UPXv20MarkusLaszloReiser YRP/PECompactv200alpha38 YRP/FreeCryptor01build001GlOFF YRP/UnnamedScrambler11Cp0ke YRP/PAVCryptorPawningAntiVirusCryptormasha_dev YRP/EncryptPEV22006115WFS YRP/PrincessSandyv10eMiNENCEProcessPatcherPatch YRP/ocBat2Exe10OC YRP/ASDPack20asd YRP/EXECryptor2021protectedIAT YRP/ThemidaWinLicenseV1XNoCompressionSecureEngineOreansTechnologies YRP/WinUpackv030betaByDwing YRP/ExeSafeguardv10simonzh YRP/PrivateEXEProtector20SetiSoft YRP/NTkrnlSecureSuite01015DLLNTkrnlSoftware YRP/UPXHiTv001DJSiba YRP/Vpackerttui YRP/eXPressorv12CGSoftLabs YRP/Enigmaprotector110111VladimirSukhov YRP/Obsidium1336ObsidiumSoftware YRP/MarjinZEXEScramblerSEbyMarjinZ YRP/Packman0001Bubbasoft YRP/aPackv098bDSESnotsaved YRP/ASProtectvIfyouknowthisversionpostonPEiDboardh2 YRP/AntiDote12DLLDemoSISTeam YRP/Themida1201OreansTechnologies YRP/ASProtectSKE21xexeAlexeySolodovnikov YRP/EXECryptorV21Xsoftcompletecom YRP/RCryptorv11Vaska YRP/nSpackV2xLiuXingPing YRP/MetrowerksCodeWarriorv20GUI YRP/UnnamedScrambler21Beta211p0ke YRP/NoodleCryptv20 YRP/BlindSpot10s134k YRP/DropperCreatorV01Conflict YRP/dUP2xPatcherwwwdiablo2oo2cjbnet YRP/EXECryptor2223compressedcodewwwstrongbitcom YRP/PolyCryptPE214b215JLabSoftwareCreationshoep YRP/MetrowerksCodeWarriorv20Console YRP/Upackv036alphaDwing YRP/NETDLLMicrosoft YRP/CelsiusCrypt21Z3r0 YRP/CreateInstallv200335 YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/Petite21 YRP/VProtectorvcasm YRP/XPackv142 YRP/ExeSplitter13SplitCryptMethodBillPrisonerTPOC YRP/EXECryptor224StrongbitSoftCompleteDevelopmenth3 YRP/ASProtectv12AlexeySolodovnikovh1 YRP/LY_WGKXwwwszleyucom YRP/Enigmaprotector110unregistered YRP/Upackv037v038BetaStripbaserelocationtableOptionDwing YRP/NTkrnlSecureSuiteNTkrnlteam YRP/AaseCrypterbysantasdad YRP/aPackv098bJibz YRP/UPackv011Dwing YRP/NsPacKNetLiuXingPing YRP/RLPv073betaap0x YRP/MetrowerksCodeWarriorDLLv20 YRP/PESpinv04x YRP/D1NS1GD1N YRP/MoleBoxv230Teggo YRP/Petite14 YRP/Petite13 YRP/RosAsm2050aBetov YRP/ACProtect14xRISCOsoft YRP/PEZipv10byBaGIE YRP/NsPackV2XLiuXingPing YRP/KBysPacker028BetaShoooo YRP/AntiDote12DemoSISTeam YRP/VProtector0X12Xvcasm YRP/VIRUSIWormKLEZ YRP/OpenSourceCodeCrypterp0ke YRP/QrYPt0rbyNuTraL YRP/EXECryptor2xxmaxcompressedresources YRP/MSLRHv032aemadicius YRP/EXECryptor2xxcompressedresources YRP/PolyBoxCAnskya YRP/UPolyXv05 YRP/PrivatePersonalPackerPPP102ConquestOfTroycom YRP/ENIGMAProtectorSukhovVladimir YRP/PuNkMoD1xPuNkDuDe YRP/InnoSetupModulev2018 YRP/AntiDote10Demo12SISTeam YRP/nSpackV23LiuXingPing YRP/NsPackv23NorthStar YRP/NTkrnlSecureSuite01015NTkrnlSoftware YRP/CrunchPEv40 YRP/hmimysProtectv10 YRP/PEPaCKv10CCopyright1998byANAKiN YRP/Upack022023betaDwing YRP/kkrunchyv017FGiesen YRP/ACProtectUltraProtect10X20XRiSco YRP/RLPV073betaap0x YRP/yCv13byAshkbizDanehkar YRP/PerlApp602ActiveState YRP/UPXProtectorv10x2 YRP/CodeVirtualizer1310OreansTechnologies YRP/VProtector13Xvcasm YRP/PEQuake006forgat YRP/D1S1Gv11BetaScrambledEXED1N YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/UnnamedScrambler12Bp0ke YRP/LauncherGeneratorv103 YRP/NakedPacker10byBigBoote YRP/ActiveMARK5xTrymediaSystemsInc YRP/AsCryptv01SToRM2 YRP/AsCryptv01SToRM3 YRP/AsCryptv01SToRM4 YRP/PackItBitch10archphase YRP/SafeDiscv4 YRP/EXECryptorv153 YRP/Crunch5Fusion4 YRP/NorthStarPEShrinkerv13byLiuxingping YRP/Armadillo430aSiliconRealmsToolworks YRP/STProtectorV15SilentSoftware YRP/ANDpakk2006DmitryAndreev YRP/NETexecutableMicrosoft YRP/AZProtect0001byAlexZakaAZCRC YRP/ExeSplitter12BillPrisonerTPOC YRP/Morphinev27Holy_FatherRatter29A YRP/EnigmaProtector11X13XSukhovVladimirSergeNMarkin YRP/AsCryptv01SToRM1 YRP/MaskPE16yzkzero YRP/ASProtectv20 YRP/UnnamedScrambler10p0ke YRP/UPXHiT001DJSiba YRP/yPv10bbyAshkbizDanehkar YRP/MSLRHv031a YRP/Upackv039finalDwing YRP/FakeNinjav28Spirit YRP/DragonArmorOrient YRP/Upackv032BetaPatchDwing YRP/Apex30alpha500mhz YRP/ExeSplitter13SplitMethodBillPrisonerTPOC YRP/RJoiner12aVaska YRP/UPXInlinerv10byGPcH YRP/SLVc0deProtector060SLVICU YRP/Upackv029Betav031BetaDwing YRP/AlexProtector10beta2byAlex YRP/MoleBoxv254Teggo YRP/Themida10xx18xxnocompressionOreansTechnologies YRP/PolyBoxDAnskya YRP/nBinderv40 YRP/SimplePack12build3009Method2bagie YRP/RSCsProcessPatcherv151 YRP/VMProtect106107PolyTech YRP/USSR031bySpirit YRP/ASProtectv123RC4build0807exeAlexeySolodovnikov YRP/eXPressorProtection150XCGSoftLabs YRP/XHider10GlobaL YRP/UnnamedScrambler25Ap0ke YRP/InnoSetupModule YRP/FreeCryptor01build002GlOFF YRP/NTPackerV2XErazerZ YRP/SiliconRealmsInstallStub YRP/MoleBoxv20 YRP/AI1Creator1Beta2byMZ YRP/Setup2GoInstallerStub YRP/mkfpackllydd YRP/PrivateexeProtectorV18SetiSoftTeam YRP/DotFixNiceProtect21GPcHSoft YRP/SimplePackV11XMethod2bagie YRP/NullsoftInstallSystemv20 YRP/SLVc0deProtectorv11SLV YRP/PEArmor04600759hying YRP/RpolycryptbyVaska2003071841 YRP/DevCv4 YRP/DevCv5 YRP/UnderGroundCrypterbyBooster2000 YRP/PrivateEXEProtector18 YRP/PolyCryptPE214b215JLabSoftwareCreationshsigned YRP/MEW10byNorthfox YRP/MaskPEV20yzkzero YRP/ChinaProtectdummy YRP/MinkeV101Codius YRP/ElicenseSystemV4000ViaTechInc YRP/PEStubOEPv1x YRP/EXECryptor2117StrongbitSoftCompleteDevelopment YRP/GHFProtectorpackonlyGPcH YRP/UPXV194MarkusOberhumerLaszloMolnarJohnReiser YRP/SoftComp1xBGSoftPT YRP/PeCompact2253276BitSumTechnologies YRP/FlyCrypter10ut1lz YRP/RSCsProcessPatcherv14 YRP/hmimysPacker10hmimys YRP/RLPackV112V114LZMA430ap0x YRP/EXECryptorV22Xsoftcompletecom YRP/PeStubOEPv1x YRP/DEFv10 YRP/UnnamedScrambler251Beta2252p0ke YRP/PrivateEXEProtector18SetiSoft YRP/Safe20 YRP/MZ_Crypt10byBrainSt0rm YRP/NTKrnlPackerAshkbizDanehkar YRP/NME11Publicbyredlime YRP/FakeNinjav28AntiDebugSpirit YRP/EnigmaProtector10XSukhovVladimir YRP/PEProtect09byCristophGabler1998 YRP/RCryptorv16dVaska YRP/Enigmaprotector112VladimirSukhov YRP/PolyEnEV001LennartHedlund YRP/TrainerCreationKitv5Trainer YRP/EXEStealthv273 YRP/EXEStealthv274 YRP/ProtectSharewareV11eCompservCMS YRP/Upackv035alphaDwing YRP/InnoSetupModulev304betav306v307 YRP/ASDPackv10asd YRP/ORiENV1XV2XFisunAV YRP/ARMProtector03bySMoKE YRP/DzAPatcherv13Loader YRP/NullsoftPiMPInstallSystemv1x YRP/EXECryptor2223protectedIAT YRP/Morphinev33SilentSoftwareSilentShieldc2005 YRP/VMProtect07x08PolyTech YRP/WerusCrypter10Kas YRP/PEQuakev006byfORGAT YRP/Anti007V26LiuXingPing YRP/aPackv098m YRP/BamBamv001Bedrock YRP/EXEStealthv25 YRP/Shrinker33 YRP/Shrinker32 YRP/Shrinker34 YRP/eXPressorv120b YRP/SCObfuscatorSuperCRacker YRP/eXPressorv14CGSoftLabs YRP/PUNiSHERV15FEUERRADER YRP/nMacrorecorder10 YRP/iPBProtectv013 YRP/PrivateEXEProtector197SetiSoft YRP/FSGv20 YRP/SimplePack1XMethod2bagie YRP/FishPEShield112116HellFish YRP/PrivateexeProtector20SetiSoftTeam YRP/PEBundlev310 YRP/PECompactv2xx YRP/Armadillo440SiliconRealmsToolworks YRP/EXEStealth276UnregisteredWebtoolMaster YRP/ABCCryptor10byZloY YRP/RLPackV112V114aPlib043ap0x YRP/Crypter31SLESH YRP/FreeCryptor02build002GlOFF YRP/PackItBitchV10archphase YRP/NullsoftInstallSystemv20b4 YRP/BeRoEXEPackerV100BeRo YRP/VIRUSIWormHybris YRP/GPInstallv50332 YRP/VIRUSIWormBagle YRP/UnnamedScrambler20p0ke YRP/NsPackv31NorthStar YRP/HyingsPEArmor075exeHyingCCG YRP/SimplePack121build0909Method2bagie YRP/UnnamedScrambler12C12Dp0ke YRP/AlexProtectorv04beta1byAlex YRP/FishPEShield101HellFish YRP/PrivateexeProtector21522XSetiSoftTeam YRP/PiCryptor10byScofield YRP/PEArmor07600765hying YRP/VBOXv43v46 YRP/ARMProtectorv01bySMoKE YRP/NullsoftInstallSystemv20a0 YRP/D1S1Gv11betaD1N YRP/INCrypter03INinYbyz3e_NiFe YRP/MorphineV27Holy_FatherRatter29A YRP/nBinderv361 YRP/MatrixDongleTDiGmbH YRP/NullsoftInstallSystemv20RC2 YRP/MSLRHv01emadicius YRP/VProtector11A12vcasm YRP/codeCrypter031 YRP/RLPackFullEditionV11Xap0x YRP/Escargot01byueMeat YRP/ACProtectv135riscosoftwareIncAnticrackSoftware YRP/winrar_sfx YRP/mpress_2_xx_net YRP/rpx_1_xx YRP/dotfuscator YRP/AutoIt_2 YRP/free_pascal YRP/borland_delphi_dll YRP/AutoIt YRP/email_Ukraine_power_attack_content YRP/davivienda YRP/with_attachment YRP/content YRP/CryptoWall_Resume_phish YRP/possible_exploit YRP/XDP_embedded_PDF YRP/Contains_hidden_PE_File_inside_a_sequence_of_numbers YRP/Contains_UserForm_Object YRP/powershell YRP/maldoc_API_hashing YRP/maldoc_indirect_function_call_1 YRP/maldoc_indirect_function_call_2 YRP/maldoc_indirect_function_call_3 YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/macrocheck YRP/malrtf_ole2link YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualPC_Detection YRP/VirtualBox_Detection YRP/Parallels_Detection YRP/Qemu_Detection YRP/Dropper_Strings YRP/AutoIT_compiled_script YRP/Obfuscated_Strings YRP/Base64d_PE YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__PEB YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/DebuggerHiding__Active YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__DrWatson YRP/SEH__v3 YRP/SEH__v4 YRP/SEH__vba YRP/SEH__vectored YRP/Check_Wine YRP/vmdetect YRP/WMI_VM_Detect YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antisb_sandboxie YRP/antivm_virtualbox YRP/antivm_vmware YRP/disable_antivirus YRP/disable_firewall YRP/disable_dep YRP/inject_thread YRP/create_service YRP/create_com_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_dyndns YRP/network_smtp_dotNet YRP/network_smtp_raw YRP/network_smtp_vb YRP/network_p2p_win YRP/network_irc YRP/network_http YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/network_dga YRP/bitcoin YRP/escalate_priv YRP/screenshot YRP/lookupip YRP/lookupgeo YRP/keylogger YRP/cred_local YRP/sniff_audio YRP/cred_ff YRP/cred_vnc YRP/cred_ie7 YRP/sniff_lan YRP/migrate_apc YRP/spreading_file YRP/spreading_share YRP/rat_vnc YRP/rat_rdp YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/vmdetect_misc YRP/genericSMS YRP/genericSMS2 YRP/dropper YRP/tachi YRP/android_meterpreter YRP/android_metasploit YRP/dowgin YRP/adware YRP/dropperMapin YRP/Mapin YRP/SlemBunk YRP/xbot007 YRP/moscow_fake YRP/marcher1 YRP/marcher2 YRP/marcher3 YRP/Trojan_Dendroid YRP/SpyNet YRP/smsfraud1 YRP/Mal_http_EXE YRP/cve_2013_0074 YRP/Linux_DirtyCow_Exploit YRP/Exploit_MS15_077_078 YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Prime_Constants_char YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32_table_lookup YRP/CRC32b_poly_Constant YRP/CRC16_table YRP/FlyUtilsCnDES_ECB_Encrypt YRP/FlyUtilsCnDES_ECB_Decrypt YRP/Elf_Hash YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/MD5_API YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/WHIRLPOOL_Constants YRP/Miracl_powmod YRP/Miracl_crt YRP/CryptoPP_a_exp_b_mod_c YRP/CryptoPP_modulo YRP/FGint_MontgomeryModExp YRP/FGint_FGIntModExp YRP/FGint_MulByInt YRP/FGint_DivMod YRP/FGint_FGIntDestroy YRP/FGint_Base10StringToGInt YRP/FGint_ConvertBase256to64 YRP/FGint_ConvertHexStringToBase256String YRP/FGint_Base256StringToGInt YRP/FGint_FGIntToBase256String YRP/FGint_ConvertBase256StringToHexString YRP/FGint_PGPConvertBase256to64 YRP/FGint_RSAEncrypt YRP/FGint_RsaDecrypt YRP/FGint_RSAVerify YRP/FGint_FindPrimeGoodCurveAndPoint YRP/FGint_ECElGamalEncrypt YRP/FGint_ECAddPoints YRP/FGint_ECPointKMultiple YRP/FGint_ECPointDestroy YRP/FGint_DSAPrimeSearch YRP/FGint_DSASign YRP/FGint_DSAVerify YRP/DES_Long YRP/DES_sbox YRP/DES_pbox_long YRP/OpenSSL_BN_mod_exp2_mont YRP/OpenSSL_BN_mod_exp_mont YRP/OpenSSL_BN_mod_exp_recp YRP/OpenSSL_BN_mod_exp_simple YRP/OpenSSL_BN_mod_exp_inverse YRP/OpenSSL_DSA YRP/FGint_RsaSign YRP/LockBox_RsaEncryptFile YRP/LockBox_DecryptRsaEx YRP/LockBox_EncryptRsaEx YRP/LockBox_TlbRsaKey YRP/BigDig_bpInit YRP/BigDig_mpModExp YRP/BigDig_mpModInv YRP/BigDig_mpModMult YRP/BigDig_mpModulo YRP/BigDig_spModExpB YRP/BigDig_spModInv YRP/BigDig_spModMult YRP/CryptoPP_ApplyFunction YRP/CryptoPP_RsaFunction YRP/CryptoPP_Integer_constructor YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_CHAR_inv YRP/RijnDael_AES_LONG YRP/RsaRef2_NN_modExp YRP/RsaRef2_NN_modInv YRP/RsaRef2_NN_modMult YRP/RsaRef2_RsaPrivateDecrypt YRP/RsaRef2_RsaPrivateEncrypt YRP/RsaRef2_RsaPublicDecrypt YRP/RsaRef2_RsaPublicEncrypt YRP/RsaEuro_NN_modInv YRP/RsaEuro_NN_modMult YRP/Miracl_Big_constructor YRP/Miracl_mirvar YRP/Miracl_mirsys_init YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_RandomRange YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_IntToStr YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Unknown_Random YRP/VC6_Random YRP/VC8_Random YRP/DCP_RIJNDAEL_Init YRP/DCP_RIJNDAEL_EncryptECB YRP/DCP_BLOWFISH_Init YRP/DCP_BLOWFISH_EncryptCBC YRP/DCP_DES_Init YRP/DCP_DES_EncryptECB YRP/TeslaCrypt YRP/Shifu YRP/WoolenGoldfish_Generic_3 YRP/Cerberus YRP/dump_sales_quote_payment YRP/dump_sales_order YRP/md5_64651cede2467fdeb1b3b7e6ff3f81cb YRP/md5_6bf4910b01aa4f296e590b75a3d25642 YRP/fopo_webshell YRP/eval_post YRP/spam_mailer YRP/md5_2c37d90dd2c9c743c273cb955dd83ef6 YRP/md5_3ccdd51fe616c08daafd601589182d38 YRP/md5_4b69af81b89ba444204680d506a8e0a1 YRP/md5_71a7c769e644d8cf3cf32419239212c7 YRP/md5_87cf8209494eedd936b28ff620e28780 YRP/md5_fb9e35bf367a106d18eb6aa0fe406437 YRP/md5_8e5f7f6523891a5dcefcbb1a79e5bbe9 YRP/eval_base64_decode_a YRP/md5_ab63230ee24a988a4a9245c2456e4874 YRP/md5_d30b23d1224438518d18e90c218d7c8b YRP/md5_24f2df1b9d49cfb02d8954b08dba471f YRP/md5_fd141197c89d27b30821f3de8627ac38 YRP/visbot YRP/md5_4c4b3d4ba5bce7191a5138efa2468679 YRP/md5_6eb201737a6ef3c4880ae0b8983398a9 YRP/md5_d201d61510f7889f1a47257d52b15fa2 YRP/md5_06e3ed58854daeacf1ed82c56a883b04 YRP/md5_28690a72362e021f65bb74eecc54255e YRP/fake_magentoupdate_site YRP/md5_4aa900ddd4f1848a15c61a9b7acd5035 YRP/glassrat YRP/iexpl0reCode YRP/iexpl0reStrings YRP/iexpl0re YRP/memory_pivy YRP/memory_shylock YRP/Cloaked_as_JPG YRP/rtf_yahoo_ken YRP/ZXProxy YRP/EmiratesStatement YRP/SpyGate_v2_9 YRP/qadars YRP/shylock YRP/spyeye YRP/spyeye_plugins YRP/callTogether_certificate YRP/qti_certificate YRP/DownExecute_A YRP/Pandora YRP/Base64_encoded_Executable YRP/Invoke_mimikittenz YRP/Bublik YRP/Derkziel YRP/EquationGroup_elgingamble YRP/EquationGroup_sambal YRP/EquationGroup__jparsescan_parsescan_5 YRP/EquationGroup_Toolset_Apr17_Gen2 YRP/EquationGroup_Toolset_Apr17_ntevt YRP/EquationGroup_Toolset_Apr17_msgkd_msslu64_msgki_mssld YRP/LogPOS YRP/apt_regin_rc5key YRP/GEN_PowerShell YRP/moose YRP/apt_hellsing_implantstrings YRP/SharedStrings YRP/Njrat YRP/njrat1 YRP/network_traffic_njRAT YRP/Ransom_CryptXXX_Dropper YRP/Ransom_CryptXXX_Real YRP/WimmieShellcode YRP/WimmieStrings YRP/Wimmie YRP/XOR_DDosv1 YRP/KelihosHlux YRP/Wabot YRP/TROJAN_Notepad YRP/CrowdStrike_Shamoon_DroppedFile YRP/APT_bestia YRP/FavoriteCode YRP/FavoriteStrings YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/korlia YRP/APT_DeputyDog_Fexel YRP/onimiki YRP/backoff YRP/NaikonCode YRP/NaikonStrings YRP/Naikon YRP/PubSabCode YRP/PubSabStrings YRP/PubSab YRP/ChickenDOS_Linux YRP/DDosTf YRP/UACME_Akagi YRP/MacControlCode YRP/MacControlStrings YRP/MacControl YRP/CookiesStrings YRP/Cookies YRP/alina YRP/YayihCode YRP/YayihStrings YRP/Yayih YRP/MongalCode YRP/MongalStrings YRP/Mongal YRP/BoousetCode YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/StuxNet_Malware_1 YRP/Scieron YRP/IMulerCode YRP/IMulerStrings YRP/IMuler YRP/Furtim_nativeDLL YRP/GlassesCode YRP/Glasses YRP/EQGRP_create_dns_injection YRP/EQGRP_tunnel_state_reader YRP/EQGRP_eligiblecandidate YRP/EQGRP_sniffer_xml2pcap YRP/EQGRP_BananaAid YRP/EQGRP_shellcode YRP/EQGRP_jetplow_SH YRP/EQGRP_extrabacon YRP/EQGRP_sploit_py YRP/EQGRP_BICECREAM YRP/EQGRP_StoreFc YRP/EQGRP_BARPUNCH_BPICKER YRP/EQGRP_pandarock YRP/EQGRP_callbacks YRP/EQGRP_Unique_Strings YRP/EQGRP_RC5_RC6_Opcode YRP/GoziRule YRP/gh0st YRP/WarpCode YRP/WarpStrings YRP/Warp YRP/EnfalCode YRP/EnfalStrings YRP/Enfal YRP/QuarianStrings YRP/QuarianCode YRP/Quarian YRP/urausy_skype_dat YRP/AAR YRP/Ap0calypse YRP/Arcom YRP/BlackNix YRP/BlueBanana YRP/ClientMesh YRP/DarkRAT YRP/Greame YRP/HawkEye YRP/Imminent YRP/Infinity YRP/JavaDropper YRP/LostDoor YRP/LuminosityLink YRP/LuxNet YRP/NanoCore YRP/Paradox YRP/Plasma YRP/PredatorPain YRP/Punisher YRP/PythoRAT YRP/QRat YRP/SmallNet YRP/SpyGate YRP/Sub7Nation YRP/UPX YRP/Vertex YRP/unrecom YRP/T5000Strings YRP/T5000 YRP/Misdat_Backdoor YRP/SType_Backdoor YRP/Zlib_Backdoor YRP/Ransom_Satana YRP/Ransom_Satana_Dropper YRP/universal_1337_stealer_serveur YRP/PoisonIvy_2 YRP/ZhoupinExploitCrew YRP/BackDoorLogger YRP/Jasus YRP/NetC YRP/ShellCreator2 YRP/SmartCopy2 YRP/SynFlooder YRP/TinyZBot YRP/antivirusdetector YRP/csext YRP/kagent YRP/mimikatzWrapper YRP/pvz_in YRP/pvz_out YRP/wndTest YRP/zhCat YRP/zhLookUp YRP/zhmimikatz YRP/Zh0uSh311 YRP/OPCLEAVER_BackDoorLogger YRP/OPCLEAVER_Jasus YRP/OPCLEAVER_NetC YRP/OPCLEAVER_ShellCreator2 YRP/OPCLEAVER_SmartCopy2 YRP/OPCLEAVER_SynFlooder YRP/OPCLEAVER_TinyZBot YRP/OPCLEAVER_ZhoupinExploitCrew YRP/OPCLEAVER_antivirusdetector YRP/OPCLEAVER_csext YRP/OPCLEAVER_kagent YRP/OPCLEAVER_mimikatzWrapper YRP/OPCLEAVER_pvz_in YRP/OPCLEAVER_pvz_out YRP/OPCLEAVER_wndTest YRP/OPCLEAVER_zhLookUp YRP/OPCLEAVER_zhmimikatz YRP/Bolonyokte YRP/LinuxAESDDoS YRP/LinuxBillGates YRP/LinuxElknot YRP/LinuxMrBlack YRP/LinuxTsunami YRP/rootkit YRP/exploit YRP/ldpreload YRP/Locky_Ransomware YRP/Locky_Ransomware_2 YRP/BlackRev YRP/Retefe YRP/EzcobStrings YRP/Ezcob YRP/BlackShades2 YRP/BlackShades_4 YRP/BlackShades YRP/BlackShades_25052015 YRP/Tedroo YRP/Molerats_certs YRP/RSharedStrings YRP/GmRemoteStrings YRP/GmRemote YRP/SurtrStrings YRP/SurtrCode YRP/Surtr YRP/KeyBoy_Dropper YRP/KeyBoy_Backdoor YRP/Payload_Exe2Hex YRP/Codoso_Gh0st_3 YRP/Codoso_Gh0st_1 YRP/Codoso_PGV_PVID_3 YRP/Win32Toxic YRP/Crimson YRP/Havex_Trojan_PHP_Server YRP/CSIT_14003_03 YRP/turla_dropper YRP/nAspyUpdateCode YRP/nAspyUpdateStrings YRP/nAspyUpdate YRP/Cythosia YRP/Powerkatz_DLL_Generic YRP/APT_Win_Pipcreat YRP/NSFreeCode YRP/NSFreeStrings YRP/NSFree YRP/Careto_OSX_SBD YRP/Careto_CnC YRP/Careto_CnC_domains YRP/apt_nix_elf_Derusbi_Linux_SharedMemCreation YRP/apt_nix_elf_Derusbi_Linux_Strings YRP/Trojan_Derusbi YRP/APT_Derusbi_DeepPanda YRP/APT_Derusbi_Gen YRP/shimrat YRP/shimratreporter YRP/APT_Hikit_msrv YRP/RooterCode YRP/Rooter YRP/RookieStrings YRP/Rookie YRP/sinlesspleasure_com YRP/amasty_biz YRP/amasty_biz_js YRP/cloudfusion_me YRP/grelos_v YRP/hacked_domains YRP/jquery_code_su YRP/jquery_code_su_multi YRP/Trafficanalyzer_js YRP/atob_js YRP/googieplay_js YRP/mag_php_js YRP/thetech_org_js YRP/md5_cdn_js_link_js YRP/sendsafe YRP/BangatCode YRP/BangatStrings YRP/Bangat YRP/apt_c16_win_memory_pcclient YRP/apt_c16_win_wateringhole YRP/Worm_Gamarue YRP/FiveEyes_QUERTY_Malwaresig_20123_cmdDef YRP/FiveEyes_QUERTY_Malwareqwerty_20123 YRP/FiveEyes_QUERTY_Malwaresig_20120_dll YRP/FiveEyes_QUERTY_Malwaresig_20120_cmdDef YRP/FiveEyes_QUERTY_Malwaresig_20121_cmdDef YRP/legion_777 YRP/APT3102Code YRP/apt_equation_equationlaser_runtimeclasses YRP/apt_equation_cryptotable YRP/with_sqlite YRP/AthenaHTTP YRP/AthenaHTTP_v2 YRP/AthenaIRC YRP/APT_NGO_wuaclt YRP/Meterpreter_Reverse_Tcp YRP/genome YRP/APT9002Code YRP/APT9002Strings YRP/APT9002 YRP/WaterBug_wipbot_2013_dll YRP/WaterBug_turla_dropper YRP/Ransom_Alpha YRP/Ransom_Alfa YRP/Ransom YRP/Insta11Code YRP/Insta11Strings YRP/Insta11 YRP/Casper_Included_Strings YRP/Casper_SystemInformation_Output YRP/suspicious_packer_section YRP/Hsdfihdf YRP/DarkComet_2 YRP/DarkComet_3 YRP/DarkComet_4 YRP/Grozlex YRP/CryptoLocker_set1 YRP/CryptoLocker_rule2 YRP/BackdoorFCKG YRP/Empire_Get_SecurityPackages YRP/Empire_Invoke_EgressCheck YRP/Empire_PowerShell_Framework_Gen2 YRP/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen YRP/CyberGate YRP/Intel_Virtualization_Wizard_exe YRP/Intel_Virtualization_Wizard_dll YRP/WindowsCredentialEditor YRP/Amplia_Security_Tool YRP/PScan_Portscan_1 YRP/HackTool_Samples YRP/Fierce2 YRP/Ncrack YRP/SQLMap YRP/PortScanner YRP/NetBIOS_Name_Scanner YRP/FeliksPack3___Scanners_ipscan YRP/CGISscan_CGIScan YRP/IP_Stealing_Utilities YRP/PortRacer YRP/scanarator YRP/_Bitchin_Threads_ YRP/portscan YRP/ProPort_zip_Folder_ProPort YRP/StealthWasp_s_Basic_PortScanner_v1_2 YRP/BluesPortScan YRP/scanarator_iis YRP/Angry_IP_Scanner_v2_08_ipscan YRP/crack_Loader YRP/WCE_Modified_1_1014 YRP/BypassUac_3 YRP/APT_Proxy_Malware_Packed_dev YRP/Hacktools_CN_Panda_Burst YRP/Hacktools_CN_Burst_Blast YRP/Jc_WinEggDrop_Shell YRP/LinuxHacktool_eyes_pscan2 YRP/Mimikatz_Memory_Rule_1 YRP/Mimikatz_Memory_Rule_2 YRP/VSSown_VBS YRP/LIGHTDART_APT1 YRP/AURIGA_APT1 YRP/BANGAT_APT1 YRP/BISCUIT_GREENCAT_APT1 YRP/BOUNCER_APT1 YRP/BOUNCER_DLL_APT1 YRP/CALENDAR_APT1 YRP/COMBOS_APT1 YRP/DAIRY_APT1 YRP/GLOOXMAIL_APT1 YRP/GOGGLES_APT1 YRP/HACKSFASE1_APT1 YRP/HACKSFASE2_APT1 YRP/KURTON_APT1 YRP/MACROMAIL_APT1 YRP/MANITSME_APT1 YRP/MINIASP_APT1 YRP/NEWSREELS_APT1 YRP/SEASALT_APT1 YRP/STARSYPOUND_APT1 YRP/SWORD_APT1 YRP/thequickbrow_APT1 YRP/TABMSGSQL_APT1 YRP/CCREWBACK1 YRP/TrojanCookies_CCREW YRP/GEN_CCREW1 YRP/Elise YRP/EclipseSunCloudRAT YRP/MoonProject YRP/ccrewDownloader1 YRP/ccrewDownloader2 YRP/ccrewMiniasp YRP/ccrewSSLBack2 YRP/ccrewSSLBack3 YRP/ccrewSSLBack1 YRP/ccrewDownloader3 YRP/ccrewQAZ YRP/metaxcd YRP/MiniASP YRP/DownloaderPossibleCCrew YRP/APT1_LIGHTBOLT YRP/APT1_GETMAIL YRP/APT1_GDOCUPLOAD YRP/APT1_WEBC2_Y21K YRP/APT1_WEBC2_YAHOO YRP/APT1_WEBC2_UGX YRP/APT1_WEBC2_TOCK YRP/APT1_WEBC2_RAVE YRP/APT1_WEBC2_QBP YRP/APT1_WEBC2_HEAD YRP/APT1_WEBC2_GREENCAT YRP/APT1_WEBC2_DIV YRP/APT1_WEBC2_CSON YRP/APT1_WEBC2_CLOVER YRP/APT1_WEBC2_BOLID YRP/APT1_WEBC2_ADSPACE YRP/APT1_WEBC2_AUSOV YRP/APT1_WARP YRP/APT1_TARSIP_ECLIPSE YRP/APT1_TARSIP_MOON YRP/APT1_RARSilent_EXE_PDF YRP/APT1_aspnetreport YRP/APT1_Revird_svc YRP/APT1_dbg_mess YRP/APT1_known_malicious_RARSilent YRP/ShadowTech YRP/SafeNetCode YRP/SafeNetStrings YRP/SafeNet YRP/RegSubDatStrings YRP/RegSubDat YRP/Zegost YRP/gholeeV1 YRP/MW_gholee_v1 YRP/NetpassStrings YRP/NetPass YRP/NetTravStrings YRP/NetTravExports YRP/NetTraveler YRP/FVEY_ShadowBrokers_Jan17_Screen_Strings YRP/NetWiredRC_B YRP/cxpidStrings YRP/cxpidCode YRP/Spora YRP/unk_packer YRP/zoxPNG_RAT YRP/xtreme_rat YRP/XtremeRATCode YRP/XtremeRATStrings YRP/XtremeRAT YRP/xtremrat YRP/Mozart YRP/IndiaCharlie_One YRP/IndiaCharlie_Two YRP/RomeoEcho YRP/DeltaCharlie YRP/PapaAlfa YRP/IndiaAlfa_One YRP/DestructiveTargetCleaningTool5 YRP/DestructiveTargetCleaningTool6 YRP/Malwareusedbycyberthreatactor1 YRP/WhiskeyAlfa YRP/SierraBravo_packed YRP/LimaCharlie YRP/RomeoJuliettMikeTwo YRP/SierraCharlie YRP/RomeoCharlie YRP/IndiaBravo_PapaAlfa YRP/IndiaBravo_RomeoCharlie YRP/IndiaBravo_RomeoBravo YRP/IndiaBravo_generic YRP/TangoAlfa YRP/wiper_unique_strings YRP/wiper_encoded_strings YRP/createP2P YRP/WhiskeyDelta YRP/REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief YRP/REDLEAVES_CoreImplant_UniqueStrings YRP/PLUGX_RedLeaves YRP/diamond_fox YRP/LuckyCatCode YRP/OlyxCode YRP/OlyxStrings YRP/Olyx YRP/cerber3 YRP/cerber4 YRP/cerber5 YRP/VidgrabStrings YRP/Vidgrab YRP/PlugXStrings YRP/plugX YRP/lost_door YRP/ScarhiknStrings YRP/ScarhiknCode YRP/Scarhikn YRP/Tinba2 YRP/MirageStrings YRP/Mirage YRP/Mirage_APT YRP/IronTiger_ASPXSpy YRP/IronTiger_wmiexec YRP/IronPanda_Malware_Htran YRP/citadel13xy YRP/Citadel_Malware YRP/Trojan_Win32_PlaSrv YRP/Trojan_Win32_Platual YRP/Trojan_Win32_Plaplex YRP/Trojan_Win32_Dipsind_B YRP/Trojan_Win32_PlaKeylog_B YRP/Trojan_Win32_Adupib YRP/Trojan_Win32_PlaLsaLog YRP/Trojan_Win32_Plakelog YRP/Trojan_Win32_Plainst YRP/Trojan_Win32_Plagicom YRP/Trojan_Win32_Plaklog YRP/Trojan_Win32_Plapiio YRP/Trojan_Win32_Plabit YRP/Trojan_Win32_Placisc2 YRP/Trojan_Win32_Placisc3 YRP/Trojan_Win32_Placisc4 YRP/Adzok YRP/CAP_HookExKeylogger YRP/TerminatorRat YRP/TROJAN_Notepad_shell_crew YRP/IMPLANT_3_v1 YRP/IMPLANT_4_v9 YRP/IMPLANT_5_v2 YRP/IMPLANT_5_v3 YRP/IMPLANT_5_v4 YRP/Unidentified_Malware_Two YRP/pony YRP/TreasureHunt YRP/easterjackpos YRP/Ransom_Petya YRP/Odinaff_swift YRP/Mirai_Generic_Arch YRP/Mirai_MIPS_LSB YRP/Mirai_MIPS_MSB YRP/Mirai_ARM_LSB YRP/Mirai_Renesas_SH YRP/Mirai_PPC_Cisco YRP/Mirai_SPARC_MSB YRP/Mirai_4 YRP/Mirai_Dwnl YRP/Mirai_5 YRP/OpClandestineWolf YRP/xRAT20 YRP/dexter_strings YRP/liudoor YRP/BlackWorm YRP/BernhardPOS YRP/Bozok YRP/WinntiPharma YRP/Unit78020_Malware_Gen1 YRP/DMALocker YRP/DMALocker4 YRP/lateral_movement YRP/xRAT YRP/ELF_Linux_Torte YRP/ELF_Linux_Torte_domains YRP/skeleton_key_patcher YRP/skeleton_key_injected_code KevTheHermit/Paradox KevTheHermit/Bozok KevTheHermit/ClientMesh KevTheHermit/unrecom KevTheHermit/DarkRAT KevTheHermit/Greame KevTheHermit/JavaDropper KevTheHermit/Infinity KevTheHermit/Arcom KevTheHermit/LostDoor KevTheHermit/BlackShades KevTheHermit/PoisonIvy KevTheHermit/Punisher KevTheHermit/Sub7Nation KevTheHermit/BlueBanana KevTheHermit/PythoRAT KevTheHermit/AAR KevTheHermit/LuminosityLink KevTheHermit/Crimson KevTheHermit/NanoCore KevTheHermit/LuxNet KevTheHermit/SpyGate KevTheHermit/BlackNix KevTheHermit/SmallNet KevTheHermit/CyberGate KevTheHermit/xRAT KevTheHermit/DarkComet KevTheHermit/Pandora KevTheHermit/Imminent KevTheHermit/Ap0calypse KevTheHermit/Adzok KevTheHermit/ShadowTech KevTheHermit/Vertex KevTheHermit/HawkEye FlorianRoth/Exploit_MS15_077_078 FlorianRoth/Empire_Get_SecurityPackages FlorianRoth/Empire_Invoke_EgressCheck FlorianRoth/Empire_PowerShell_Framework_Gen2 FlorianRoth/Empire_Invoke_CredentialInjection_Invoke_Mimikatz_Gen FlorianRoth/FiveEyes_QUERTY_Malwaresig_20123_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwareqwerty_20123 FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_dll FlorianRoth/FiveEyes_QUERTY_Malwaresig_20120_cmdDef FlorianRoth/FiveEyes_QUERTY_Malwaresig_20121_cmdDef FlorianRoth/Mal_http_EXE FlorianRoth/EQGRP_create_dns_injection FlorianRoth/EQGRP_tunnel_state_reader FlorianRoth/EQGRP_eligiblecandidate FlorianRoth/EQGRP_sniffer_xml2pcap FlorianRoth/EQGRP_BananaAid FlorianRoth/EQGRP_shellcode FlorianRoth/EQGRP_jetplow_SH FlorianRoth/EQGRP_extrabacon FlorianRoth/EQGRP_sploit_py FlorianRoth/EQGRP_BICECREAM FlorianRoth/EQGRP_StoreFc FlorianRoth/EQGRP_BARPUNCH_BPICKER FlorianRoth/EQGRP_pandarock FlorianRoth/EQGRP_callbacks FlorianRoth/EQGRP_Unique_Strings FlorianRoth/EQGRP_RC5_RC6_Opcode FlorianRoth/OPCLEAVER_BackDoorLogger FlorianRoth/OPCLEAVER_Jasus FlorianRoth/OPCLEAVER_NetC FlorianRoth/OPCLEAVER_ShellCreator2 FlorianRoth/OPCLEAVER_SmartCopy2 FlorianRoth/OPCLEAVER_SynFlooder FlorianRoth/OPCLEAVER_TinyZBot FlorianRoth/OPCLEAVER_ZhoupinExploitCrew FlorianRoth/OPCLEAVER_antivirusdetector FlorianRoth/OPCLEAVER_csext FlorianRoth/OPCLEAVER_kagent FlorianRoth/OPCLEAVER_mimikatzWrapper FlorianRoth/OPCLEAVER_pvz_in FlorianRoth/OPCLEAVER_pvz_out FlorianRoth/OPCLEAVER_wndTest FlorianRoth/OPCLEAVER_zhLookUp FlorianRoth/OPCLEAVER_zhmimikatz FlorianRoth/RAT_AAR FlorianRoth/RAT_Adzok FlorianRoth/RAT_Ap0calypse FlorianRoth/RAT_Arcom FlorianRoth/RAT_BlackNix FlorianRoth/RAT_BlackShades FlorianRoth/RAT_BlueBanana FlorianRoth/RAT_Bozok FlorianRoth/RAT_ClientMesh FlorianRoth/RAT_CyberGate FlorianRoth/RAT_DarkComet FlorianRoth/RAT_DarkRAT FlorianRoth/RAT_Greame FlorianRoth/RAT_HawkEye FlorianRoth/RAT_Imminent FlorianRoth/RAT_Infinity FlorianRoth/RAT_JavaDropper FlorianRoth/RAT_LostDoor FlorianRoth/RAT_LuminosityLink FlorianRoth/RAT_LuxNet FlorianRoth/RAT_NanoCore FlorianRoth/RAT_Pandora FlorianRoth/RAT_Paradox FlorianRoth/RAT_Plasma FlorianRoth/RAT_PoisonIvy FlorianRoth/RAT_PredatorPain FlorianRoth/RAT_Punisher FlorianRoth/RAT_PythoRAT FlorianRoth/RAT_QRat FlorianRoth/RAT_ShadowTech FlorianRoth/RAT_SmallNet FlorianRoth/RAT_SpyGate FlorianRoth/RAT_Sub7Nation FlorianRoth/RAT_Vertex FlorianRoth/RAT_unrecom FlorianRoth/RAT_xRAT FlorianRoth/ZxShell_Jul17 FlorianRoth/Casper_Included_Strings FlorianRoth/Casper_SystemInformation_Output FlorianRoth/FVEY_ShadowBrokers_Jan17_Screen_Strings FlorianRoth/Furtim_nativeDLL FlorianRoth/EquationGroup_elgingamble FlorianRoth/EquationGroup_sambal FlorianRoth/EquationGroup__jparsescan_parsescan_5 FlorianRoth/EquationGroup_Toolset_Apr17_Gen2 FlorianRoth/EquationGroup_Toolset_Apr17_ntevt FlorianRoth/EquationGroup_Toolset_Apr17_msgkd_msslu64_msgki_mssld FlorianRoth/skeleton_key_patcher FlorianRoth/skeleton_key_injected_code FlorianRoth/Unit78020_Malware_Gen1 FlorianRoth/apt_ProjectSauron_encryption FlorianRoth/APT_Liudoor FlorianRoth/IronPanda_Malware_Htran FlorianRoth/Locky_Ransomware FlorianRoth/DeepPanda_htran_exe FlorianRoth/apt_equation_equationlaser_runtimeclasses FlorianRoth/apt_equation_cryptotable FlorianRoth/CrowdStrike_Shamoon_DroppedFile FlorianRoth/ChinaChopper_Generic FlorianRoth/Payload_Exe2Hex FlorianRoth/WaterBug_wipbot_2013_dll FlorianRoth/WaterBug_turla_dropper FlorianRoth/apt_hellsing_implantstrings FlorianRoth/IMPLANT_3_v1 FlorianRoth/IMPLANT_4_v9 FlorianRoth/IMPLANT_5_v2 FlorianRoth/IMPLANT_5_v3 FlorianRoth/IMPLANT_5_v4 FlorianRoth/Unidentified_Malware_Two FlorianRoth/BernhardPOS FlorianRoth/StuxNet_Malware_1 FlorianRoth/APT_Project_Sauron_Scripts FlorianRoth/APT_Project_Sauron_arping_module FlorianRoth/APT_Project_Sauron_kblogi_module FlorianRoth/APT_Project_Sauron_basex_module FlorianRoth/APT_Project_Sauron_dext_module FlorianRoth/UACME_Akagi FlorianRoth/REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief FlorianRoth/REDLEAVES_CoreImplant_UniqueStrings FlorianRoth/PLUGX_RedLeaves FlorianRoth/Invoke_mimikittenz FlorianRoth/Codoso_Gh0st_3 FlorianRoth/Codoso_Gh0st_1 FlorianRoth/Codoso_PGV_PVID_3 FlorianRoth/shimrat FlorianRoth/shimratreporter FlorianRoth/WoolenGoldfish_Generic_3 FlorianRoth/apt_nix_elf_Derusbi_Linux_SharedMemCreation FlorianRoth/apt_nix_elf_Derusbi_Linux_Strings FlorianRoth/Powerkatz_DLL_Generic FlorianRoth/apt_RU_MoonlightMaze_customlokitools FlorianRoth/apt_RU_MoonlightMaze_customsniffer FlorianRoth/loki2crypto FlorianRoth/apt_RU_MoonlightMaze_cle_tool FlorianRoth/apt_RU_MoonlightMaze_xk_keylogger FlorianRoth/apt_RU_MoonlightMaze_IRIX_exploit_GEN FlorianRoth/apt_RU_MoonlightMaze_u_logcleaner FlorianRoth/apt_RU_MoonlightMaze_wipe FlorianRoth/Trojan_Win32_PlaSrv FlorianRoth/Trojan_Win32_Platual FlorianRoth/Trojan_Win32_Plaplex FlorianRoth/Trojan_Win32_Dipsind_B FlorianRoth/Trojan_Win32_PlaKeylog_B FlorianRoth/Trojan_Win32_Adupib FlorianRoth/Trojan_Win32_PlaLsaLog FlorianRoth/Trojan_Win32_Plakelog FlorianRoth/Trojan_Win32_Plainst FlorianRoth/Trojan_Win32_Plagicom FlorianRoth/Trojan_Win32_Plaklog FlorianRoth/Trojan_Win32_Plapiio FlorianRoth/Trojan_Win32_Plabit FlorianRoth/Trojan_Win32_Placisc2 FlorianRoth/Trojan_Win32_Placisc3 FlorianRoth/Trojan_Win32_Placisc4
26dc4799eb1feaa43bec3b0ec3225fee	ELF	2017-10-16 01:37:32		YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 [+] YRP/android_meterpreter YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Mirai_1_May17 FlorianRoth/Miari_2_May17
83e765803a749f2128e4494fdc2a56b3	ELF	2017-10-16 01:37:45		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
44d8334c29041454e00c591e8c69dfff	ELF	2017-10-16 01:38:01		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
da7837175c7698aaa75c00d48efea7ee	ELF	2017-10-16 01:38:11		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
96c9fffc2f4f3108055cfd159238a15a	ELF	2017-10-16 01:38:29		YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+] YRP/android_meterpreter YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5
f268ca8f62d0f0c3362a212a2fb56440	ELF	2017-10-16 01:39:00		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5
546cbf9a875f7a75853163a0d6a5a5e5	ELF	2017-10-16 01:39:05		YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 [+] YRP/android_meterpreter YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Mirai_1_May17 FlorianRoth/Miari_2_May17
1a46ac88b23078ec496e51fdb34c9092	ELF	2017-10-16 01:40:05		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
1be815d809f6180431832309d9179dab	ELF	2017-10-16 01:41:25		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
7f6c4fdcec47d32d5e4c515df2b7e5df	ELF	2017-10-16 01:42:08		YRP/domain YRP/contentis_base64 YRP/Big_Numbers2 YRP/SHA512_Constants [+] YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
18b876f1a093662d9b411fd1da648892	ELF	2017-10-16 01:42:30		YRP/domain YRP/contentis_base64 YRP/Big_Numbers2 YRP/BASE64_table [+] YRP/Mirai_5 FlorianRoth/Miari_2_May17
41cc9e8491c23b34fe2e2b24fbed0df7	ELF	2017-10-16 01:42:49		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/Mirai_5
d49919e240d73549ab6beddbc16c627f	ELF	2017-10-16 01:44:02		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Mirai_5 FlorianRoth/Miari_2_May17
572edd75716e2fccaf7d868ac02580e0	PE32	2017-11-03 00:32:33		YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_wwwupxsourceforgenet YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_antivirus YRP/disable_dep YRP/hijack_network YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/spreading_file YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/Big_Numbers5 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
445c476444731ff29d479e373daefcc6	PE32	2017-11-06 13:16:57	http://careers.fwo.com.pk/css/microsoftdm.exe...	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/IsBeyondImageSize YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library FlorianRoth/ReflectiveLoader
5146249bf363f78353f6245aff7efa92	PE32	2017-11-08 13:14:13	http://216.170.126.99/1.exe	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasDebugData YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
f26f910963bd7e057c8d9fba06fc1029	PE32+	2017-11-13 12:45:17	http://wuenschejetzterfuellen.com/Plugins/pip...	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/win_files_operation YRP/BASE64_table FlorianRoth/DragonFly_APT_Sep17_3
c8ea0ccf60ef3dd59a039411bf374ba6	PE32	2017-11-13 12:45:19	http://wuenschejetzterfuellen.com/Plugins/pip...	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/win_files_operation YRP/BASE64_table FlorianRoth/DragonFly_APT_Sep17_3
ad5e9b8b6c41e15e485fb16a493480e5	PE32	2017-11-13 12:45:20	http://wuenschejetzterfuellen.com/Plugins/inf...	YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/network_tcp_socket YRP/network_dns YRP/win_token YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
6d76db02b11ef59a92c392e22051750e	PE32	2017-11-13 12:45:21	http://wuenschejetzterfuellen.com/Plugins/htt...	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/BASE64_table FlorianRoth/DragonFly_APT_Sep17_3
3410af519f791af5f9554cbff7ece24a	PE32	2017-11-13 12:45:23	http://wuenschejetzterfuellen.com/Plugins/cor...	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/win_files_operation YRP/CRC32b_poly_Constant YRP/BASE64_table FlorianRoth/DragonFly_APT_Sep17_3
725f4c6c672958b86989731308e70e1e	PE32	2017-11-19 00:49:57	http://fbcom.review/f/3.exe	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
b245362aa364f94496380cfd2f002493	ELF	2017-11-20 09:57:12		YRP/domain YRP/IP YRP/url YRP/contentis_base64 [+] YRP/Big_Numbers3 YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
00dbb9e1c09dbdafb360f3163ba5a3de	PE32	2017-11-22 01:31:48		YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/network_http YRP/win_files_operation YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/CCREWBACK1 YRP/TrojanCookies_CCREW
a85f9b4c33061ee724e59291242b9e86	PE32	2017-11-28 20:34:13		YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsConsole YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp2_mont YRP/OpenSSL_BN_mod_exp_mont YRP/OpenSSL_BN_mod_exp_recp YRP/OpenSSL_BN_mod_exp_inverse YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library FlorianRoth/Pirpi_1609_B
acd8d34d8360129df1c8d03f253ba747	PE32	2017-11-28 20:34:14		YRP/Armadillo_v1xx_v2xx_additional YRP/Microsoft_Visual_Cpp_v70_DLL YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Microsoft_Visual_Cpp_60_DLL_Debug [+] YRP/Armadillo_v1xx_v2xx YRP/Microsoft_Visual_Cpp_v60_DLL YRP/Microsoft_Visual_Cpp_60 YRP/Armadillov1xxv2xx YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
c006faaf9ad26a0bd3bbd597947da3e1	PE32	2017-11-28 20:34:16		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/Visual_Cpp_2008_Release_Microsoft YRP/IsPE32 [+] YRP/IsConsole YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_registry YRP/win_files_operation YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
e33804e3e15920021c5174982dd69890	PE32	2017-11-28 20:34:19		YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsConsole YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/create_service YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_registry YRP/win_files_operation YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
4051643a25ac4f51b6c2ce071eb013a4	PE32+	2017-12-05 01:09:25		YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_mutex YRP/win_token YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
3900dc81ea11439183ea547b3ccbc2ef	PE32	2017-12-10 23:39:59		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
9d09812f887014eb9a89ee82ea66c764	PE32	2017-12-10 23:40:00		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/GenerateTLSClientHelloPacket_Test
70804ac16e1efd470a7b685aa673d71b	PE32	2017-12-14 12:45:07	http://miicrosoft.cloud/msupdate.png	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_tcp_socket YRP/win_mutex YRP/win_files_operation YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
3319b1a422c785c221050f1152ad77cb	PE32+	2017-12-14 20:40:26		YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/IsBeyondImageSize YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
c1183b8c6382fd91b15c4264b7164087	PE32+	2017-12-19 00:45:07	http://72.43.174.119:8082/html/.../8f80.exe	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasDebugData [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_token YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
303f12d27491ad61d76d30b1da541d98	PE32	2017-12-22 07:43:34		YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasModified_DOS_Message [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
6d66b183e20d5573adfc68753591a4d9	PE32	2017-12-22 12:45:17	http://193.124.117.153/crypt/without/AU2_EXE....	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_dropper YRP/network_dns YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Windows_Malware YRP/with_sqlite
60ac7ad7eccc1cdc8e2fcd21cf42e068	PE32	2017-12-22 12:45:19	http://193.124.117.153/crypt/without/Host.exe...	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/BASE64_table
f30b903b8e68eb22080f89bad77884da	PE32	2018-01-16 00:45:56	http://lesfaverelles.com/images/novo1212.exe	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library YRP/CookieTools
b239cf7d065e8b3c1565f1b53dd1aafc	PE32	2018-01-16 00:46:02	http://lesfaverelles.com/images/lets2212.exe	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library YRP/CookieTools
fa7a3c257428b4c7fda9f6ac67311eda	ELF	2018-01-25 16:18:42		YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter [+] YRP/MD5_Constants YRP/BASE64_table YRP/suspicious_packer_section
43800e15dcb111a2cf8b9da694e50fea	PE32	2018-01-30 11:07:04	http://118.24.0.88/qxxxx.exe	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_registry YRP/win_files_operation YRP/BASE64_table YRP/VC6_Random YRP/Str_Win32_Winsock2_Library FlorianRoth/ZxShell_Related_Malware_CN_Group_Jul17_2 FlorianRoth/Backdoor_Nitol_Jun17
a0a56b1f4037d0c6e8fa4814b3dfefa3	PE32	2018-01-30 11:08:04	http://18231.url.222bz.com/	YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VM_Generic_Detection YRP/WMI_strings YRP/ThreadControl__Context YRP/anti_dbg YRP/antisb_threatExpert YRP/antivm_vmware YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
655f65b1b08621dfcb2603b59fca05bc	PE32	2018-02-07 18:39:55		YRP/Microsoft_Visual_Cpp_v60 YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Check_Wine YRP/CRC32_poly_Constant YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/UPX YRP/suspicious_packer_section FlorianRoth/Zeus_Panda
089269088b0d43950a565fd9909d95fd	PE32	2018-02-15 16:36:46		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerHiding__Active YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Petya_Ransomware YRP/Ransom_Petya
e65e32c0521b07021aadba755a443eb6	PHP	2018-02-19 23:24:25		YRP/webshell_PHP_r57142 YRP/webshell_PHP_404 YRP/shells_PHP_wso YRP/multiple_php_webshells [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/android_meterpreter YRP/Big_Numbers1 YRP/BASE64_table YRP/eval_post YRP/spyeye_plugins YRP/php_uname
1ff8f0384b2d7050fd3bb0a5f6051ba9	PE32	2018-02-20 03:06:53	http://118.24.147.51/Test.exe	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/BASE64_table YRP/Trojan_W32_Gh0stMiancha_1_0_0
5c4dc9e4448796027c79bc6c72f00daa	ELF	2018-02-20 12:52:07	http://rfksnrfrfhk.ga/php	CuckooSandbox/embedded_pe YRP/possible_includes_base64_packed_functions YRP/with_images YRP/without_attachments [+] YRP/with_urls YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/android_meterpreter YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/BASE64_table YRP/ldpreload YRP/PM_Email_Sent_By_PHP_Script
b74aae3a441fec6888c5c9efcd5e0251	PE32	2018-02-20 14:07:34	http://219.147.91.86:8099/692.exe	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/inject_thread YRP/create_service YRP/network_tcp_socket YRP/escalate_priv YRP/rat_rdp YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
ff1ebf24d48def8045510ce8e6e8f51d	PE32	2018-02-20 23:36:17		YRP/Borland_Delphi_40_additional YRP/Borland_Delphi_v60_v70_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional [+] YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_DLL_additional YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b0526337a08544c0c88edc375882608e	PE32+	2018-02-20 23:42:17		YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasRichSignature [+] YRP/domain YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
11b8e5afe1f9ef66d3f5b344b46df8d6	PE32+	2018-02-20 23:42:18		YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/IsPacked [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table
7eb9a5f5700ee85c7fe2be27566d6795	PE32+	2018-02-20 23:42:24		YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
94ffebc6b21eb9199308ea4780d8b787	HTML	2018-02-21 03:27:49	http://angads.com.au/hfv0Fy.exe	YRP/domain YRP/url YRP/contentis_base64 YRP/BASE64_table
a914f0ebe59acd617da0181cd0b4f28b	PE32	2018-02-22 15:14:42		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
ca2618d9e1a14151949c26e03f6c3bb5	PE32	2018-02-22 15:14:52		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
2a8526eba0dcc5a1e2178a19a514cc45	PE32	2018-02-22 15:22:45		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
45172364053683408910fa396b2f4eac	PE32	2018-02-22 15:22:53		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
5beeed64f10168909592f2ce77ab7460	PE32	2018-02-22 15:23:50		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
7e5040b6ee528ccef4936abf56d1140f	PE32	2018-02-22 15:26:53		YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
fafd7e9f66db381d8b22dc84ba5b90e8	PE32	2018-02-22 15:30:26		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
482e403806569b29a8a2a11869fa5ea7	PE32	2018-02-22 15:32:50		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
ab9411f0bcf62e8d50fdb46cdad6b5e5	PE32	2018-02-22 15:33:48		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
b4590fc0a117527543e3235b123b85c9	PE32	2018-02-22 15:34:13		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
6ee6c3e50966037de1d8c0c5b6d5740a	PE32	2018-02-22 15:34:52		YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
73f36bb536b08f508f7850f18c2aed01	PE32	2018-02-22 15:36:11		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
70594aea879e70330f565529c4e4466a	PE32	2018-02-22 15:36:18		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
054f2b88ab9755e68cad66ecbe3b2b83	PE32	2018-02-22 15:38:47		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
f1d0e0574a503b5a1e0b31e1e37fdb98	PE32	2018-02-22 15:39:01		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
b1add905297df8d4386855b97b002b12	PE32	2018-02-22 15:39:13		YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
afb6047cada9777666c078f3831f7013	PE32	2018-02-22 15:42:58		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
bd28a17c6dd84ccf7914f87fa5f19521	PE32	2018-02-22 15:43:08		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
f1529d87df51a546a70f813e51a02bc2	PE32	2018-02-22 15:43:30		YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_firewall YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5d21f0400dbbf0fa5b7a8c05343752df	PE32	2018-02-22 15:45:31		YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_http YRP/network_tcp_socket YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/VC6_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
53da88fb37d2660f3393b72169184631	PE32	2018-02-22 15:47:42		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
cbe59b008de499e77854edbac65b1fe3	PE32	2018-02-22 15:48:07		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
6ac0b4613d3200e7f607d63a90c9f5e6	PE32	2018-02-22 15:51:33		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
91da9338d39ee7009056e65719adecd1	PE32	2018-02-22 15:52:01		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
dd9c47de0dc0daf54d2d1cc6fa36b2c5	PE32	2018-02-22 15:53:16		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
89d9950983fc4567898266bddba692f2	PE32	2018-02-22 15:56:36		CuckooSandbox/embedded_macho YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional [+] YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/inject_thread YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Str_Win32_Winsock2_Library
bfa3facdc7af7070af114d7e9180a53f	PE32	2018-02-22 15:56:56		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
6ce001cfa764fce0e8ef7aa18dfcb7e3	PE32	2018-02-22 16:00:03		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
6f6d1653b57d38057d8f8ad9ff542737	PE32	2018-02-22 16:06:19		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
70fff8dfcd8a8508cdba2f620f656195	PE32	2018-02-22 16:07:41		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
de7fa2166e7e430e9a402bf8ddc48298	PE32	2018-02-22 16:08:31		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
c343805910e319aae71e1bb2ae9946a5	PE32	2018-02-22 16:08:49		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
fe700d054216bffda44249c49f20f51a	PE32	2018-02-22 16:10:46		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
3509b3e76ce4f5a0f847bf2d7988f394	PE32	2018-02-22 16:10:54		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
cd14cbc6dbc9f104c679da80359aaf14	PE32	2018-02-22 16:11:16		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
320803a15634ff344aaa7ec6823088b5	PE32	2018-02-22 16:11:40		YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
3b3bf7fb7e99bdc35529ceb44c1c195b	PE32	2018-02-22 16:13:03		YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
e97300c8a66251ddbeed7741834e9cf6	PE32	2018-02-22 16:14:44		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/anti_dbg YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
17760808f3d406490e518b8648653d55	PE32	2018-02-22 16:16:38		YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
951e79f2332639c6f004397839becaa6	PE32	2018-02-22 16:16:59		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
d7b1eaafcf6f15530bfb3288f5b12b10	PE32	2018-02-22 16:17:15		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
6d49b5d15589779e1d4d6f91d565d7e5	PE32	2018-02-22 16:18:36		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_antivirus YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
a1fd6df8be7ae71b2be6156665336edf	PE32	2018-02-22 16:20:16		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/anti_dbg YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
5f044df5490b71af4eeb9c86ae5a3d86	PE32	2018-02-22 16:21:12		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
87cb37b71fce9b4f5dcf73715ed1a008	PE32	2018-02-22 16:21:31		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/network_http YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
f6d22d17e4ee26658141057689b8a266	PE32	2018-02-22 16:22:28		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
105f3aa1cb6baf773efff118c2ac5446	PE32	2018-02-22 16:23:18		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
909d489ce94ce5c0b8a95aebe7a635e9	PE32	2018-02-22 16:27:58		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
db7266c4cfa1e00796e390a9d46edc1e	PE32	2018-02-22 16:33:06		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
b7b93d70db7802af10004a510ec949f9	PE32	2018-02-22 16:33:54		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_http YRP/network_dropper YRP/network_dga YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers4 YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d20f59bb46a50febc1c2bff1c2d4bdea	PE32	2018-02-22 16:34:25		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
bc75f79f5d08fcc524a613046c64e3aa	PE32	2018-02-22 16:34:49		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
77d05d46f6e5c769e0a8f1a7b57b3b71	PE32	2018-02-22 16:35:33		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API
940da8988a67cf0038cca53aceddae19	PE32	2018-02-22 16:36:53		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
9ed5131e606a551e1d964fdd4677afc8	PE32	2018-02-22 16:40:09		YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/anti_dbg YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
06d664daef65ef46932d3b95d69f4839	PE32	2018-02-22 16:40:44		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
1a21dd86b4595655e6e634a5edd28e36	PE32	2018-02-22 16:41:42		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
1ee34c4d582cad177e80bcadd912bccf	PE32	2018-02-22 16:43:41		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
3b8a27eda6be5901ce3d90b353e22788	PE32	2018-02-22 16:44:13		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/OpenSSL_DSA YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
901e35122cd2b7c1c4b6886688bc2cbf	PE32	2018-02-22 16:44:34		YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Const