MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
2619862c382d3e375f13f3859c6ab44db1a4bce905b4a617df2390fbf36902e7	PE32+	2022-03-20 21:40:34	User Submission	CuckooSandbox/embedded_macho YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
fd28ac9eba5ec352d343e94b7667fa079ba885ff594d52fe591cf81eea2c03ee	PE32	2022-03-20 16:38:52	User Submission	YRP/Armadillo_v2xx_CopyMem_II_additional YRP/Microsoft_Visual_Cpp_70_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/DES_sbox YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
f716ab9313b06641383d661d1e404c2ed76352f17fb7143bccf4d2d317301239	PE32	2022-03-20 16:25:00	User Submission	YRP/Armadillo_v2xx_CopyMem_II_additional YRP/Microsoft_Visual_Cpp_70_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/DES_sbox YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
b6c99a5ba52fe2ef5b838d580f41a5e4f4c81389dd07bc716593483af33816b9	PE32	2022-03-20 14:10:00	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/Antivirus YRP/VMWare_Detection YRP/VirtualPC_Detection YRP/Misc_Suspicious_Strings YRP/vmdetect YRP/anti_dbg YRP/antivm_vmware YRP/win_mutex YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/DES_sbox
53a57e1bd19960ce52a8c7877f25ac897330e102c9ad403fc16c2cb5e8c12f90	PE32	2022-03-20 10:33:21	User Submission	YRP/Armadillo_v2xx_CopyMem_II_additional YRP/Microsoft_Visual_Cpp_70_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/DES_sbox YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
b47e5b1053024fc778fabee51f8e6ad0b60adc8fc883d0da349ede7a3ad101d1	PE32	2022-03-20 03:08:09	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers2 YRP/Prime_Constants_long YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/DES_sbox YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
6e4577bc7c8dca940fddbe57b543153e75abd39d261faec403efb8a5a35d243a	PE32	2022-03-20 03:02:23	User Submission	YRP/ASProtect_v132 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/create_service YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
03b887397102e717de5ef8a0d4d0374bdf5347a85dddc8c829714770142b8fdf	PE32+	2022-03-17 07:04:06	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/with_sqlite
7a96c5a32badb9650faa842922ad545b7336a676f033e724c1bed574a7c9a960	PE32	2022-03-17 01:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c49f98d3516edf56c996c2da5f095a0b97df772a558bb2e9d5a5d4355adab05	PE32	2022-03-16 22:03:11	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
ebfdee6e5fe2aa5699280248a5e7b714ca18e5bfd284cac0ba4fb88ccbcec5b6	PE32+	2022-03-16 15:18:43	User Submission	CuckooSandbox/embedded_macho YRP/IsPE64 YRP/IsConsole YRP/HasRichSignature [+] YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/BASE64_table YRP/suspicious_packer_section
2c940a35025dd3847f7c954a282f65e9c2312d2ada28686f9d1dc73d1c500224	PE32+	2022-03-16 15:14:13	User Submission	CuckooSandbox/embedded_macho YRP/IsPE64 YRP/IsConsole YRP/HasRichSignature [+] YRP/domain YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
b01b44fde46c2bb65505a01b69e292fbbc885be2b440f6a2ee107a70fde41a7d	PE32	2022-03-16 15:03:24	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_find_kernel32_base_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
67eff1dc0836f810382eff5ae6c3b92751dc1b11fc42481a0c66644efb470156	PE32	2022-03-16 10:00:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c2e87800db54e6dc5e3e71a47fc722806c04f2d872b3e274fe1b5db081e6f5eb	PE32	2022-03-16 03:15:25	User Submission	YRP/ASProtect_v132 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/create_service YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
d6afdabeef38f42e894a2e5c77414514f248e8668cb466d805e57318fe24d959	PE32	2022-03-16 03:14:41	User Submission	YRP/ASProtect_v132 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/create_service YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
f8563e38ede16c69754c82d68138abe36a015180a94ea88b588ba32a0f870edd	PE32	2022-03-15 16:00:34	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
746f678c60f4673efadda92d819466cc102cbeafe3b39dbddd165bb552779541	PE32	2022-03-15 14:02:25	User Submission	YRP/possible_includes_base64_packed_functions YRP/Armadillo_v1xx_v2xx_additional YRP/Microsoft_Visual_Cpp_v70_DLL YRP/Microsoft_Visual_Cpp_v50v60_MFC [+] YRP/Microsoft_Visual_Cpp_60_DLL_Debug YRP/Armadillo_v1xx_v2xx YRP/Microsoft_Visual_Cpp_v60_DLL YRP/Microsoft_Visual_Cpp_60 YRP/Armadillov1xxv2xx YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/DES_sbox YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
bf508f1f751f03db787231a869c9a551ab64005622f829ef67419ef4fdce15a3	PE32	2022-03-14 18:00:42	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
cc3e5142cc3b3796125ac7520bb007fcaa0f1cd16d24ea8ff248cdc2231da748	PE32	2022-03-14 13:09:45	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
cbd5ba84136ff83739824fe2a388e9c423be6ed481f27ffb0e7a54e61bb289fe	PE32	2022-03-14 13:01:48	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
d157959d0ce59bf6bdceb0f90a2dba44f3d30c92fdaac93a1375f278de6e8d96	PE32	2022-03-14 06:21:05	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
d1308d261411ac86dd25ddf47e148bc12458f3097947954afbd8ece450546e56	PE32	2022-03-14 06:17:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
d0d48466650f533777e9a2834da5fb89c03a16a10eab9baa654f8c9ec2495f4a	PE32	2022-03-14 06:09:59	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
d089b1eb2a93fd597ad65c61d3bed35e0563794c26289f9935011e5e74731146	PE32	2022-03-14 06:05:17	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
d3c412f28e1690f6a9994a383538e80bc42f4833d1311bbfc01cbd32a96c5743	PE32	2022-03-14 05:01:43	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
ea9220f0d9f0ef79ba5e9289bc84ac4f4c538b2f1a59fa1b12308bb94c4dc651	PE32	2022-03-13 13:00:32	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
ef123b275c6c1ae3da6baf24bc82448d9d1751916d9a5a60fd9ef2d2aca6a03b	PE32	2022-03-13 12:04:00	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
ef08526902fa73204f426e911d40109f9f764cc1cb76bddc818794e26588a618	PE32	2022-03-13 12:03:27	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
d83056eb7747f43ccce5170109b9b7d1b0fc377f1c2b8c30c5f0aa3fb7d5d5c9	PE32	2022-03-12 22:48:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
67bdfbca635730edfe3af3d0ccfcba22e93bf0b87edc0f587ecfb325c8e89dd3	PE32	2022-03-12 21:42:08	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
80753704f9d294f32babf89d471b433e934102aee84dbf359632aa10e9eec413	PE32	2022-03-12 20:03:34	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 [+] YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
8a24fe0774a718159bb47c3dcb362fac92a93c968ba44acaed675187debc9e35	PE32	2022-03-12 13:09:47	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/disable_antivirus YRP/inject_thread YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/universal_1337_stealer_serveur
8cfe64df3207a00e7b0391008bdb1168fce52bfbc526bfeed3643f7fed5fdebc	PE32	2022-03-12 12:02:09	User Submission	YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
8c26a138a881f2e30921286ff7400d836354939df972f859e01195beca9c37e8	PE32	2022-03-12 12:01:50	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
8ef5e40a849f46191d26e9d06cdb7caf01153800c54835f21efecf3e1f5431dd	PE32	2022-03-12 11:00:58	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
8ecdc850c1a5fdcd9a8f09ab0d9fc1a94a9baa34c18759114c1ddd92b0195348	PE32	2022-03-12 10:03:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
92c029fcd02224fc8eb2db3d0f985e15a69b3008fc6ee5fdf856caf85056edb0	PE32	2022-03-12 10:00:40	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
964f6d743f4f586a2327a6acb0c853dc80a57ba24d2307e94944031f0f116a01	PE32	2022-03-12 09:06:39	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9cd8de4810e255248cfd54cd192aeb344d9ca721f0e6738e310618e4ea7b45dc	PE32	2022-03-12 06:07:02	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9c4c931a4be0e98184f29a622c48bc5f609bbd5de5bec59f2ef50f5ec2947a6d	PE32	2022-03-12 06:04:55	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9ca155bf331e24433c00be0b8f5d4ac8bb7196336a8d101ac8a23a88ef1bd04d	PE32	2022-03-12 06:03:24	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
a04e11ea7a755de0f010ce32f114d162763d6be1c2468b0dcd1d7e656cbe3c45	PE32	2022-03-12 05:06:56	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_Studio_NET_additional YRP/NET_executable_ YRP/NET_executable [+] YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9fdee253615a43dd21e0b3865650112f728bd9bc54aa47304ade2cfd84ca4773	PE32	2022-03-12 05:03:40	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Wininet_Library YRP/with_sqlite
a3e86c092e6b40385537b56b5b7f5eeeb80156b1be3530bf400f2c249d3ecbcb	PE32	2022-03-12 04:01:31	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
b02c5d80464a5f6ce8075309e8dcc16582f68be8c5b594c3a2c97ee5fcfdc8ca	PE32	2022-03-12 00:03:43	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
affd66995d965965ccca7329621cecc01db591a8d9c4e6b8f03e0e2920c32f2e	PE32	2022-03-12 00:01:46	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
b375967d95d53c271d9ec0c53a315f6e6dde924ac64f9e97545ae33a1526495f	PE32	2022-03-11 10:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9ce72a30d4f6edd1f3bb5060bbe9e029a2910b74dcdc18588810716b96816fe4	PE32	2022-03-11 10:00:53	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9954343d321e004ca91d545120342779badff504f07e27144a511640d19a90bf	PE32	2022-03-11 10:00:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6f338c5257bcb275a120e49879e6608dd3291ad7547f353812034990c36fe64c	PE32	2022-03-11 10:00:26	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6e7f8dc29296ce3dbe4bd445d2c7b97235f5fc831c60e42648c433d762fb8200	PE32+	2022-03-11 03:34:25	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_antivirus YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
688586f16916bfe7d5b86c186e07c3afbba19b4abac116bf2b8017de2201579a	PE32	2022-03-11 01:10:35	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
4d7e28754d5142f3361d1543bc2f1ddbee2d46d71dc480dffef87bebae6a48ae	PE32	2022-03-10 22:04:30	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
575660f0016e21d6611057a6f86bbc5ab34f866e329fdfe32dd3295231b5e39a	PE32	2022-03-10 18:00:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
d7bad9d7888f9e5fe48953aa500efee2df2936ec411f08f36523b25d50990b42	PE32	2022-03-10 17:00:35	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
c5db84fe0f762ebc2abe484d59d51fdf35a37f3a32e6f44d8197b1e8cda98e84	PE32	2022-03-10 15:10:34	User Submission	YRP/Armadillo_v1xx_v2xx_additional YRP/Microsoft_Visual_Cpp_60_DLL_additional YRP/Microsoft_Visual_Cpp_v70_DLL YRP/Microsoft_Visual_Cpp_v50v60_MFC [+] YRP/Microsoft_Visual_Cpp_60_DLL_Debug YRP/Armadillo_v1xx_v2xx YRP/Microsoft_Visual_Cpp_v60_DLL YRP/Microsoft_Visual_Cpp_60_DLL YRP/Microsoft_Visual_Cpp_60 YRP/Armadillov1xxv2xx YRP/IsPE32 YRP/IsDLL YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/ThreadControl__Context YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_long YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/DES_sbox YRP/BASE64_table FlorianRoth/Gazer_logfile_name
612f858702d084e3e4ac907192318967ca9b08e184785d15dd91c0f613172ae8	PE32	2022-03-10 15:06:37	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
ca9e3ea2e21483612ec2d9ff4a91693e97ab24175ac00ccb52da89e4b89230c9	PE32+	2022-03-10 14:02:16	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsDLL YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/win_registry YRP/win_token YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API FlorianRoth/Gazer_certificate FlorianRoth/Gazer_logfile_name
68911b53f55ca2c7ec67c93f9b9a50e17796743910f19c4e4c6fd1eb18d0be04	PE32	2022-03-10 05:02:10	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/network_ftp YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/with_sqlite
6be42b803f6df9a6520608ac4b4c91437ccf640c42c37650e83f864ceb48950b	PE32	2022-03-10 04:01:12	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
49ef2bc0069c486d1c4df2a23e5a4bc967de49b361178cd17791d6fc8160b24a	PE32	2022-03-08 20:00:36	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
58128c6913cad7d9fb2823171c7973a24286fd293d0049cdd641eaf3397a5477	PE32	2022-03-08 19:01:36	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/ProtectSharewareV11eCompservCMS YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/SEH__vba YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
57b092a49d8e408c1dc6b5d15256291a0825fdc326d7559220b6631610580f46	PE32	2022-03-08 19:00:33	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
7dd3761e731e56d5f44e7aca186118b602b0f417a7660ab7d1a1f15c4da761ae	PE32	2022-03-08 16:03:50	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
7dac1b39a0f22b51f57bd99bdbc5879a724a85c6eaa37d0eb0be6f419357bed1	PE32	2022-03-08 16:02:53	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
a67febdff37301c3c7f64e660d77f3943bf4d966813d93d1e29838c21866609b	MS-DOS	2022-03-08 12:02:38	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
5711f102d59297a3957b6ebe062d41bbb9e606af77c452f83bb3544549a93d64	PE32	2022-03-07 10:02:22	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Advapi_Hash_API YRP/DES_sbox YRP/Str_Win32_Wininet_Library
08a78f1a046fb32d50fdfd66a6f1fc72ad5702e341484ad97eda7310431fe3fb	PE32	2022-03-07 03:03:18	User Submission	YRP/ASProtect_v132 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/create_service YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
7aae8d6047d6635874d9ec315a023918d172e7151f0e191d3c922871a7fffdf4	PE32	2022-03-06 22:04:39	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
795441cb22dd9890feb55a429a83200c4e041f8b5e6a9ea68642d667bd93422b	PE32	2022-03-06 22:04:33	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c1c996b5c3c0c5bc79a8bdc81cce4b677526c1cd356635c5d3ef5d2c4340309	PE32	2022-03-06 22:04:22	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e1a0753e4f6cdc3c0d76bf398e51caf1fc2832e7f2680ef4edfb3c085fcf7ee1	PE32	2022-03-06 22:03:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
17b1ff82f6fdf389b7ad59c0f8f3dd8bb8a0066a10382ac4802faa5c69ba8e32	PE32	2022-03-06 22:03:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e04abe63720769a5c9aed0a9b49990dd78a4cfc9ebaf7abe9a219ac39eba6620	PE32	2022-03-06 22:03:37	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d8b3205d3aca558dba905ea3ae8e8a489010b7aa27d46c2edb79294970688d53	PE32	2022-03-06 22:03:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d897d8221b8eb76d188ff014c0a7000e343def3f3656de106a2332dfb525b10d	PE32	2022-03-06 22:02:59	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f6d31943805f4b5442a1f1b64dac9bf221517e94732975f3b3a9977b1c58b565	PE32	2022-03-06 22:02:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c1bf03b66f471fea058779ece423d80ff9602122a67a0f89b5a506c1881f92b3	PE32	2022-03-06 22:02:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bf3707f3452afea0c36daa35a9b5733c51fbe55bea56fa25403fda296df03404	PE32	2022-03-06 22:02:31	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bb024552fee19d91554c034fc3b95ee5c0f7401887d2fef0f92692614f2292c6	PE32	2022-03-06 22:02:18	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b7f29f65d82ff24a750ea3539590bf3bb1f70748bb9b9ceaa3f6e09ff32a1123	PE32	2022-03-06 22:02:12	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bba47eef1547016da382b82802c5829269393f144c577b8ec8f4fbe870dbc618	PE32	2022-03-06 22:02:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b974d40a94585eaadfc7f64a55de3a2ab4a42adca3e4d39a09092434ae42ef44	PE32	2022-03-06 22:02:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
afaf667854e5e5ab435421d964ed2ff892068f16cdf2338422a977316e740751	PE32	2022-03-06 22:01:54	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b396dcdd2293ab25e4872acfca750da24c0932fae58d417c221246bb68e624a5	PE32	2022-03-06 22:01:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
ae959ec221035442e7391bdadcd326a02a1117c00baedbfde9cab31b23f6efdf	PE32	2022-03-06 22:01:41	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
a7b7e1c7ad47732718161378ea12e56fd30463ffe63bbde6e4b89262fe72e87c	PE32	2022-03-06 22:01:27	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9fabe904c834ce18def4f058cd5c04367db9cc3714963eca1afd27992eac3101	PE32	2022-03-06 22:01:21	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c93a4ec7b5f9ba28d3c86b53f1766f5445ecb9b17dc39091046b04e55d9083a	PE32	2022-03-06 22:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5a6c12a58a90a144d69916c776baeffdbe446f963322d0b1c060c40015bbbc74	PE32	2022-03-06 22:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5339ed1ce76d0c89e3800cc10e6049164770870c046d23d2b626a5a3e8c4ae8d	PE32	2022-03-06 22:01:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9a7654ccf7e364dee40625a625f28fd5074fb89af80292a2cc041fb304bfc9a8	PE32	2022-03-06 22:00:55	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
52a7b69c291f1fc198f0585371d35e6d013126ec8bf8416ff19dec0df5abb794	PE32	2022-03-06 22:00:48	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
867a4accf7c94a187e0ebcf070ae3cb4cff5470e8d801934f4cf1ed0c61b29e8	PE32	2022-03-06 20:03:27	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/BLOWFISH_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/GenerateTLSClientHelloPacket_Test
b10ce871e3f6af2a58704ba8b144d1d8aed74dbbd88d5e5d721e9f394a25967e	PE32	2022-03-06 18:03:20	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Advapi_Hash_API YRP/DES_sbox FlorianRoth/ChromePass
b10b281657374560f6efc7464d0d16beab887199e0fcc1949050e141f9aa4bfa	PE32	2022-03-06 18:03:08	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox
ad8b5310e38bf02a0b3ee22ae742c618ecd2c82a5d023a266433bc84aaa94771	PE32	2022-03-06 18:01:08	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox
de24f9ba5d0f90be31f6d104e4145dcc84f5d1461ad1a0e7ccc03fbff364be87	PE32	2022-03-06 16:00:16	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox
8acfabc88007bd2019b38a26dec4d1587f417bcbc1b98128c319c42061d121d8	PE32	2022-03-06 06:02:28	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/powershell YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/network_udp_sock YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/DES_sbox YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test

Recent Searches
yrp/des_sbox
yrp/paradox
yrp/upack_v039_final_sign_by_hot_unp_additional
yrp/privateexeprotectorv18setisoftteam
yrp/gpinstallv50332
yrp/pespin_13beta_cyberbob_h_additional
yrp/equationgroup_toolset_apr17__doublefeaturereader_doublefeaturereader_0
yrp/webshell_azrailphp_v1_0
yrp/eqgrp_bananaaid
yrp/editserver_hacktool

Search

Recent Searches