MalShare

MD5 Hash	File type	Added	Source	Yara Hits
54ad018eb6bf2aae3ca8cc4615858201	data	2018-06-01 11:31:42	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
2e97389f75c98c45a9fdc8f94734d5b9	data	2018-06-22 10:14:14	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
e9ffdb716af3d355b25096a8ed4de8ef	data	2018-06-22 10:30:01	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
625dd3acbd2d8bcd65749473d244562b	data	2018-06-22 18:20:46	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
b8a0afc2c1d7a01b22637c805b6f668c	PE32	2018-06-23 13:19:02	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsConsole YRP/HasDebugData [+] YRP/HasRichSignature YRP/Contains_VBE_File YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Base64d_PE YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/hijack_network YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Base64_encoded_Executable YRP/Str_Win32_Winsock2_Library FlorianRoth/Certutil_Decode_OR_Download
0a7b4d7d8d09242157198b043991fc8e	Composite	2018-08-18 23:36:48	User Submission	YRP/Contains_VBE_File YRP/office_document_vba YRP/Contains_VBA_macro_code YRP/domain [+] YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Big_Numbers0
0a1c96b5f63be0176a65fc02a9f1609c	data	2018-08-20 14:33:51	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
81ced08079f3d28f458ca9cdaf64249c	data	2018-09-10 15:21:44	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
957b31cf5fa0b3edcc8c33dd68d32e7a	PE32	2018-11-13 17:30:36	User Submission	CuckooSandbox/embedded_macho YRP/IsPE32 YRP/IsDLL YRP/IsConsole [+] YRP/HasOverlay YRP/HasDebugData YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell YRP/Contains_VBE_File YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/System_Tools YRP/Browsers YRP/Sandboxie_Detection YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/antisb_sandboxie YRP/network_tcp_socket YRP/spreading_file YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC16_table YRP/MD5_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/spyeye_plugins YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section YRP/DMALocker YRP/DMALocker4
9fe89e360437ac7e6f8ee02cd4680c5f	PE32	2018-11-13 17:34:25	User Submission	CuckooSandbox/embedded_macho YRP/IsPE32 YRP/IsDLL YRP/IsConsole [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/with_images YRP/without_attachments YRP/with_urls YRP/powershell YRP/Contains_VBE_File YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/antisb_sandboxie YRP/network_tcp_socket YRP/spreading_file YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC16_table YRP/MD5_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/spyeye_plugins YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/JavaDropper YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section YRP/DMALocker YRP/DMALocker4 KevTheHermit/JavaDropper
889b82727a372b2aa9a6e50971ff9a01	ISO-8859	2019-10-25 22:23:20	User Submission	CuckooSandbox/embedded_win_api YRP/Borland YRP/PEProtect09byCristophGabler1998 YRP/Contains_VBE_File [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/android_meterpreter YRP/Cerberus YRP/suspicious_packer_section
6ac8af9d8c3996fbf5d4f466b493d2a6	data	2019-11-14 18:00:36	User Submission	YRP/Contains_VBE_File YRP/domain YRP/contentis_base64
01a83c32dc5744928b2b9e8346b7d94a	PE32	2019-11-24 11:45:03	User Submission	YRP/IsPE32 YRP/IsConsole YRP/ImportTableIsBad YRP/Contains_VBE_File [+] YRP/domain YRP/url YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
46563089558610f731ff3ed4616e7742	PE32	2019-12-02 19:24:54	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/Contains_VBE_File YRP/domain YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/android_meterpreter FlorianRoth/DragonFly_APT_Sep17_3

Recent Searches
yrp/contains_vbe_file
yrp/cloaked_as_jpg
yrp/memory_shylock
yrp/zeroaccess_css2
yrp/pebundle_v244_additional
yrp/memory_pivy
florianroth/cve_2017_8759_soap_txt
yrp/iexpl0re
yrp/iexpl0restrings
kevthehermit/jrat

Search

Recent Searches