MalShare

MD5 Hash	File type	Added	Source	Yara Hits
e5a36a57e2ff90d1abb02cc0f2f79d43	JPEG	2018-03-19 19:26:42	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
726fb32a6e492030bf2b1d0f9e584be1	JPEG	2018-06-05 17:48:54	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
061205a0971ea60061978ef4583763cc	JPEG	2018-06-05 18:48:07	http://uploadtops.is/1//f/atJVMoh	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
16e14eda17fe33e5e7da2af6479d9190	JPEG	2018-06-06 23:37:53	http://uploadtops.is/1//f/6W1igEE	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft [+] YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
25f43a1d26d894840f40bf451b15af48	PNG	2018-06-09 14:45:12	http://uploadtops.is/1//f/H2ZR1Tw	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_token YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/with_sqlite YRP/pony BAMFDetect/pony
675d1b65e3a05a81374f684042548d14	JPEG	2018-06-19 06:48:18	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
1e014fc9d7528c426c59d686cd602b9b	PNG	2018-06-26 03:13:28	http://uploadtops.is/1/f/HTVac8C	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Advapi_Hash_API FlorianRoth/Quasar_RAT_1
26b76bd095afd6b361c81c1712c6185a	PNG	2018-07-13 11:08:39	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
4a82eca523966f5031f1a659acafd287	PNG	2018-07-14 22:58:57	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
92b0f10efd60596eae2b0689eaac470c	GIF	2018-07-17 22:39:25	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
3ca8b517738d62d38b63baa14b7db472	JPEG	2018-07-18 09:58:43	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
3357fda7b8f201173211d88e1152ccd8	GIF	2018-07-21 14:08:33	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
72175689a73fa81b1b6a0d9c3c9cb7ba	GIF	2018-07-21 14:18:38	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
c6448dab526709081b1a85e6a0626fec	GIF	2018-07-21 14:18:41	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
30dc9a1d32dd00d43f1242f152959e4a	GIF	2018-07-21 14:28:48	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
23e006fc672aa4ae25c47a11d59594ae	JPEG	2018-07-21 14:28:54	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
839737843b7cdbe98374c482f4a32ee0	PNG	2018-07-21 14:28:59	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
8add0344a57f3c981c5dc3c63e2d1e81	JPEG	2018-07-21 14:38:32	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
e660bd54e73d0eeaf79ca737f9ac9336	JPEG	2018-07-21 14:38:34	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
1a665845d5f45d38f82cf8846c3f9764	GIF	2018-07-21 14:46:23	http://myfiles123.su/1//v/hkW5GDQ	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
a2bcc235c53c9da39ac74f0a38750185	JPEG	2018-07-31 14:45:49	http://mydocuments1.is/1//T/p6lGQ	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/BASE64_table
cc5c37a9e3e8ee63e4e61ca98ce099a2	GIF	2018-08-01 02:57:44	http://mydocuments1.is/1//T/nIx3w	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
73d3bb34a506f0c806b38a5f60920da0	JPEG	2018-08-01 03:01:05	http://mydocuments1.is/1/T/48hzc	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API
aa0c0b3db9a8383134c6104669093401	PNG	2018-08-02 14:47:45	http://mydocuments1.is/1/T/MCzNI	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API
7dde70a0317794eacb9d98671e5b6150	GIF	2018-08-02 14:51:14	http://mydocuments1.is/1//T/n2wlA	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
ec70a082326db5b24a04a4efed2f8996	GIF	2018-08-09 14:48:32	http://mydocuments1.is/1/T/9VNRx	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
30306dff8206fa98aa6f330379b2bbae	JPEG	2018-08-10 14:46:57	http://mydocuments1.is/1/T/TIsas	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
9ab29a6534a6b5e64359ec8248956c1c	Rich	2018-08-20 14:33:15	User Submission	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/RTF_Shellcode [+] YRP/domain YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Misc_Suspicious_Strings YRP/network_http YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
755778550e1735819f26405b71a92b2a	JPEG	2018-08-26 20:19:47	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
8d00ca9b3f6b62c50c41f393c34dcee1	JPEG	2018-08-28 21:10:23	http://u.lewd.se/OugalZ_MVAMlJzd.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
0e92d4f0b496d8d763b8f930c604b79b	GIF	2018-09-03 14:45:33	https://u.lewd.se/yobBS6_auSrdjHn.gif	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API
4532857d02725a10702ae1f0f7f9dd86	JPEG	2018-09-04 14:45:58	http://myblogforyou.is/1/v/Im6gk	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/maldoc_getEIP_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/CRC32b_poly_Constant YRP/RIPEMD160_Constants YRP/SHA1_Constants
ab9af1737f4651a7eb68ce0cd6ef0fa7	JPEG	2018-09-06 14:49:31	http://myblogforyou.is/1/v/sWQuF	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
e3280e3763fb13c5f30f0de57c45f8f2	JPEG	2018-09-24 03:04:54	http://myblogforyou.is/1/v/KKnS6	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/screenshot FlorianRoth/RevengeRAT_Sep17
820a92053c656bc1f7675e515f7587e7	PNG	2018-09-24 03:04:59	http://myblogforyou.is/1/v/pZDcK	CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/Big_Numbers1 YRP/suspicious_packer_section
498d8d905a585daa4043f0eaabeb4507	JPEG	2018-09-24 03:05:03	http://myblogforyou.is/1/v/7Lj97	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/maldoc_getEIP_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
c0dd31d779ff80e7fcf3700e4a52e839	PNG	2018-09-24 03:05:09	http://myblogforyou.is/1/v/yyYXl	CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/Big_Numbers0 YRP/Big_Numbers1
359408bd5df067c333bc0ed52b470533	JPEG	2018-09-24 03:05:13	http://myblogforyou.is/1/v/Zamb4	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/antisb_sandboxie YRP/antivm_vmware YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
54044ffc9e81a6977f58a50bd05e04bd	JPEG	2018-09-24 15:07:07	https://u.lewd.se/l5ogCo_RQbUTBOG.jpg	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Base64d_PE YRP/ThreadControl__Context YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Delphi_Copy YRP/Str_Win32_Winsock2_Library FlorianRoth/RevengeRAT_Sep17
06d2d6b17d8d9f62249ef583c67edbfa	JPEG	2018-09-29 03:49:15	http://myblogforyou.is/1/v/iBjr7	CuckooSandbox/embedded_pe YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP [+] YRP/contentis_base64 YRP/Advapi_Hash_API
9b24c54533425bb99172c7153cdbede1	JPEG	2018-10-04 14:45:12	http://myblogforyou.is/1/I/WSrFP	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
69c08475b404c73eddf8fe26dbbbdd99	JPEG	2018-10-04 14:46:58	http://myblogforyou.is/1/I/AJNyO	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
b4a8b2c068fa67669805c7c6dba31fe8	JPEG	2018-10-11 14:45:12	https://pasteboard.co/images/HHKrjPX.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
a75f593681201d81e9982167f2972167	JPEG	2018-10-16 14:52:45	https://pasteboard.co/images/HIzhg49.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers1
76c6299f7ae279e79c37ce1c401652a9	JPEG	2018-10-17 14:46:42	https://pomf.pyonpyon.moe/phjacm.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
2cf8423101dda8edc3f23b22919bd436	JPEG	2018-11-02 12:31:28	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b57970e4040ccd237218cf5c8bea264c	JPEG	2018-11-07 14:51:11	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
4d61e49a53c4f65b4206a859aae2c373	JPEG	2018-11-07 14:51:13	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
ee0c05ce358b054d0dbb3a2b9d42e587	JPEG	2018-11-07 18:22:11	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
110c24909863e51d2d462baf42bdb2d2	JPEG	2018-11-09 21:41:22	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b03700ee2048ccf76466a824f4ecbb86	JPEG	2018-11-11 13:50:03	https://pasteboard.co/images/HLoGpNO.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/disable_antivirus YRP/hijack_network YRP/win_mutex YRP/Big_Numbers1 YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/DarkComet_1 YRP/DarkComet_3 YRP/DarkComet_4 FlorianRoth/RAT_DarkComet KevTheHermit/DarkComet BAMFDetect/DarkComet
87887b1b727f65bc21846da0b0f58b70	PDF	2018-11-13 10:08:55	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/VMWare_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/network_http YRP/network_ftp YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e0d697bbad02886c53a5e8a3b6e07090	PDF	2018-11-13 10:15:45	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/android_meterpreter YRP/Big_Numbers1 YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/Mirage_APT
57caf7e9aa0b10dee846883e32a7311d	JPEG	2018-11-17 01:46:49	https://share.dmca.gripe/YDasoIUOvRqFZyAR.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
36d1754f90d7b6771644e6f0556a64b7	JPEG	2018-11-17 13:45:14	https://pasteboard.co/images/HMTQPDK.jpg/down...	CuckooSandbox/embedded_pe YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/Big_Numbers1
caecdf335a38d1f015de62a5db15936c	PNG	2018-11-17 18:51:24	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
0246a766f7473b5f5ee2082686af8a8f	JPEG	2018-11-24 05:51:24	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/maldoc_find_kernel32_base_method_1 [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/network_dns YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
a2404afae59790fca2daa1aa56f0c45f	JPEG	2018-11-26 18:56:43	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
f6770d3fc6636d1031c2158cfda2848e	JPEG	2018-11-26 18:58:59	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table
6c4b0bd50903ae602dd9e12eebd2cf52	JPEG	2018-12-01 01:54:27	https://share.dmca.gripe/3MPMOJEMMqUSlT7v.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Big_Numbers1 YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
c8f8d1a7f77421ca1a871bf4766107c1	JPEG	2018-12-13 13:55:40	https://share.dmca.gripe/6FoKtg4X5Y7FuV7r.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CAP_HookExKeylogger
a9aeb8e747fd06e9c661c0b0e51d771f	JPEG	2018-12-22 13:48:39	https://pasteboard.co/images/HSALBfU.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table
ed0d1257c86eff20f92011cdaf2c1e84	JPEG	2018-12-22 13:48:42	https://pasteboard.co/images/HSAFBZI.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9999d7a01588b5783d86e5996e85e155	JPEG	2018-12-22 13:48:45	https://pasteboard.co/images/HSk9gWK.jpg/down...	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Njrat FlorianRoth/Quasar_RAT_1
4a612922e188e316d2ce29f2d2916a87	JPEG	2018-12-26 14:06:19	https://share.dmca.gripe/hKXzWhYBDZRL9obi.jpg	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/RIPEMD160_Constants YRP/SHA1_Constants
48c0605f7220f84ec71bc52a4fcc4b4b	JPEG	2019-01-07 14:02:23	https://pasteboard.co/images/HVbB1pM.jpg/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/url YRP/contentis_base64 YRP/antivm_vmware YRP/Big_Numbers1
584c063eb502c95a7640bac77ef859bc	JPEG	2019-01-07 14:02:26	https://pasteboard.co/images/HVb42Yz.jpg/down...	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Big_Numbers1 YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
6b7c511d3236a25d4ea3a14e1648e041	JPEG	2019-01-10 13:47:25	https://pasteboard.co/images/HVjbP3R.jpg/down...	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
09dd6c372fe1bb57c2c3100315878867	JPEG	2019-01-12 13:49:54	https://share.dmca.gripe/mWeneyIveXmYjSKT.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Qemu_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Advapi_Hash_API YRP/CAP_HookExKeylogger FlorianRoth/Quasar_RAT_1
546970899db2c35815b8a22155f71abc	PNG	2019-01-20 13:49:59	https://pasteboard.co/images/HWgDFYp.png/down...	CuckooSandbox/shellcode CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Borland [+] YRP/maldoc_find_kernel32_base_method_1 YRP/Embedded_EXE_Cloaking YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Trojan_W32_Gh0stMiancha_1_0_0 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
505b2ea58cd5aee725f06429053d881c	JPEG	2019-01-20 13:50:21	https://pomf.pyonpyon.moe/ggesuy.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
415ddd41fa9e9271511a2dd58bf28e81	JPEG	2019-01-24 01:56:54	https://share.dmca.gripe/IujfcYbdpBWFFLKi.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
697333ee750dba218f2a41af8db86d7b	PNG	2019-02-01 02:44:17	https://share.dmca.gripe/1uyCdHGCBWOJumQM.png	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/win_registry YRP/win_hook YRP/Advapi_Hash_API YRP/CAP_HookExKeylogger
113af5ffa0834503dd976ba00f2b55a7	JPEG	2019-02-13 02:36:44	https://share.dmca.gripe/zbMedrxHFFE9bp0r.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Big_Numbers1 YRP/Advapi_Hash_API
49bb4961a7f7ac0deda3436473351157	PNG	2019-02-15 14:33:26	https://share.dmca.gripe/01lY60RZli5nCIya.png	CuckooSandbox/embedded_pe YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP [+] YRP/contentis_base64
aec80e6ac88441966b4eb4933676702e	JPEG	2019-02-24 13:51:47	https://share.dmca.gripe/rWZlAsctle4LlKfO.jpg	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/possible_includes_base64_packed_functions YRP/NETDLLMicrosoft [+] YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API
eb3ccdda3c0741b27d3c5158d2c6c137	PNG	2019-04-23 18:45:48	User Submission	CuckooSandbox/shellcode CuckooSandbox/embedded_pe YRP/NETexecutableMicrosoft YRP/Embedded_EXE_Cloaking [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/network_dns YRP/Big_Numbers1
d513c16980048430139e5fc17111e36b	GIF	2019-05-04 19:15:48	http://159.65.31.204/flor_dumal.gif	CuckooSandbox/embedded_pe CuckooSandbox/embedded_win_api YRP/Embedded_EXE_Cloaking YRP/domain [+] YRP/contentis_base64 YRP/suspicious_packer_section

Recent Searches
yrp/embedded_exe_cloaking
yrp/packman_executable_image_packer_0001_bubba_additional
florianroth/eqgrp_callbacks
yrp/webshell_browser_201_3_400_in_jfolder_jfolder01_jsp_leo_ma_warn_webshell_nc_download
yrp/firewallopener
yrp/cryptopp_modulo
yrp/multiple_webshells_0018
yrp/network_dyndns
yrp/byshell063_ntboot_2
florianroth/implant_6_v2

Search

Recent Searches