MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
e2ea61abc19ae0ec1aaa2a93798a0a0035e350fda253c2e3b432c9fcaa75d608	PE32	2022-03-15 03:05:26	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
6f4c7f10d08a8cde1ef84c21240a407b1111a65abcc8c9bfa009ead892259479	PE32	2022-03-10 03:01:21	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Random YRP/Delphi_Copy
72c5665c4372dc234d6bc68d0b54987e38b294f0581170409be572dab14d8ff5	PE32	2022-03-06 06:01:31	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Prime_Constants_char YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
9ec8f988ff41765b68c6a4d29d259fafb62e97ad2d3633c43fbe0ab0dd12518d	PE32	2022-03-05 00:10:03	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
d780ca838863ff15183cbb2ea804fdb71eed52f228e9294a30751f5f9e69799e	PE32	2022-02-27 09:00:28	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/CAP_HookExKeylogger
e153864100a90b56f0a81041b130cf2472e4b9f36b5678e5047e03e49ee6bff6	PE32	2022-02-24 18:51:56	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain [+] YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/WHIRLPOOL_Constants YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
17f87da311ea93afa5a1d724becf8f46279753ba06b49798a36e069020b1b264	PE32	2022-02-24 12:31:02	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
688546f745f9a029d3c0d188beb1e63376588012a495b503f3fbcf57fb47f25d	PE32	2022-02-24 06:43:33	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/vmdetect YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants
35a2048324cbc2c9ce33550dc81564c83512b528a05301b7f4423b3bf34763bf	PE32	2022-02-22 14:53:12	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/vmdetect YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants
d10b641c3a29539aa715e4e6d5686a46a9cd6e7e5e7fa210783d880f4193f9af	PE32	2022-02-18 08:42:07	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsConsole [+] YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
92a80270d2e15ca7d05a484f72686173703fdb8722c0da5e2fb251db782d5e67	PE32	2022-02-17 19:50:29	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/network_http YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
694eb3a8ac59e737bcd79ec4c3702fa9cc61a778585f7e23be8a02cf8bc5b7a8	PE32	2022-02-17 19:28:00	User Submission	YRP/Microsoft_Visual_Basic_v50 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/inject_thread YRP/network_udp_sock YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RC6_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
7ff2636b763c26ff70f2b548c15f427a924b9968bc70cca8d23049f9441f7585	PE32	2022-02-17 16:57:55	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Random YRP/Delphi_Copy
9b802673907a5a4f9ccd7239e91f6eb25159563e12ae90b174bc7697a3257b0a	PE32	2022-02-17 16:55:30	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/RC6_Constants YRP/Delphi_Copy
bc8069a86cc52911e59781c567d8d9a500a1dfbcf496ac73fcc64b9bbba8089e	PE32	2022-02-17 12:37:38	User Submission	YRP/Safeguard_103_Simonzh YRP/IsPE32 YRP/IsConsole YRP/IsPacked [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/keylogger YRP/win_registry YRP/RC6_Constants
46e97f25e6d144c332bfbee8702b3cd22692be4000ad4b2ca20693aa8dd45023	PE32	2022-02-17 02:56:44	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
2a58b9a1e8c5d87802d63fd0f40c0933ca5e303e8ade349f5bd0071fffe0e389	PE32	2022-02-17 02:29:36	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_tcp_socket YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/RC6_Constants YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library
f80ba02b8b800c303e50d403d4b99436aa524273831ca627f7606a9a6bd285db	PE32	2022-02-16 19:35:46	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_tcp_socket YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/RC6_Constants YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library
58d0f19d73506fb28f66ff8d361184a38c094494eb28289a6ce01759d872f779	PE32	2022-02-16 13:43:37	User Submission	YRP/AHTeam_EP_Protector_03_fake_PCGuard_403_415_FEUERRADER YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/CRC32_table YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES FlorianRoth/DragonFly_APT_Sep17_3
20c93a0e68cdf27e0b0e1196e0025667010408d2bcdbe9e1926d27181a481f1b	PE32	2022-02-16 05:48:04	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_tcp_socket YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/RC6_Constants YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Str_Win32_Winsock2_Library
cc2467112bc04e6d18fd921a603c12daf3f25562837debb3ee9e6d2cb716ed50	PE32	2022-02-16 01:50:52	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RC6_Constants
84f65ea0570ad0cb113671be14dfa4a7d0f04ebfa773d4f53103e401c39511d1	PE32	2022-02-04 13:00:17	http://212.192.246.234/Spread/Cheats.exe	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/CAP_HookExKeylogger
d5f079fb049c650bee2274b47d4e762b7b519cb8eb604c30e54b6bcd5aadb7c6	PE32	2022-02-03 16:04:47	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
4a97bc8111631795cb730dfe7836d0afac3131ed8a91db81dde5062bb8021058	PE32	2022-02-03 03:00:47	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_http YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RC6_Constants YRP/FGint_MontgomeryModExp YRP/FGint_FGIntDestroy YRP/FGint_Base10StringToGInt YRP/FGint_Base256StringToGInt YRP/FGint_RSAEncrypt YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
43e4a6830f54f3bd039b90f0a27ad19a9f2bb673ab990f34dc201c3b102e056a	PE32	2022-02-03 03:00:39	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsConsole YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_http YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RC6_Constants YRP/FGint_MontgomeryModExp YRP/FGint_FGIntDestroy YRP/FGint_Base10StringToGInt YRP/FGint_Base256StringToGInt YRP/FGint_RSAEncrypt YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9d62846d2589f314d9cd3f45a521eef246174b2b388462fb8bfecfb3847631fd	PE32	2022-01-12 16:02:08	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
eb04b667e689cafae2c6057b63b489c77f8472d49a82fb2c10f561c67fb13b7b	PE32	2022-01-05 21:01:43	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
a5b724d81201a0e45b3af7313440a47cdd67ff1843990109a7e25ecfaeee0256	PE32	2022-01-05 14:01:11	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
d06072f959d895f2fc9a57f44bf6357596c5c3410e90dabe06b171161f37d690	PE32	2021-12-21 18:02:34	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
6409d3f3daa33f1e7cef02f4481954d6618a595fdfed57541566bbf1605d7c62	PE32	2021-12-21 16:01:26	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
28d0ac2b1be7545097b6594c9fa467345214473dc91ea83b245735894e47cb61	PE32	2021-10-31 17:00:51	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/CAP_HookExKeylogger
a3bcfa26c7d00a8922892af37578d11fea5a92c4cc0e23b5e8afa1b2ba4b1f1b	PE32	2021-10-23 04:48:30	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
9a498a01595504b0d2afc00ce9ebf2c3e7ce6d557fef89cf9d99759ee032d921	PE32	2021-10-07 16:35:57	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/CAP_HookExKeylogger
2c058f6c79cc997d20c3fae40514f5f956807105bfa99394a1f867a77e23238f	PE32	2021-09-30 18:03:24	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole YRP/HasDebugData [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_Qemu_Description YRP/Check_Qemu_DeviceMap YRP/Check_VBox_Description YRP/Check_VBox_DeviceMap YRP/Check_VBox_Guest_Additions YRP/Check_VBox_VideoDrivers YRP/Check_VMWare_DeviceMap YRP/Check_VmTools YRP/WMI_VM_Detect YRP/network_tcp_listen YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table FlorianRoth/Quasar_RAT_1
85fb4ff6108ebf0f167b448775ffa9b03c92f6d075b2da9dea6cb328b8b5aaaf	PE32	2021-09-24 09:08:25	User Submission	YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/ThreadControl__Context YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_private_profile YRP/win_files_operation YRP/RC6_Constants YRP/TEAN
fd463d6ccf33883236cae97f301cfb62e9844a73c885d58f22ebcd3ecc18dcfe	PE32	2021-09-23 09:15:06	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/CAP_HookExKeylogger
af5f467953bf5b4a4f5aaa37b642ccc6cdaeaeee067ad9e96ddb91c6c964b121	PE32	2021-08-03 17:05:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation YRP/RC6_Constants
267a54113114676fd214ce951843992a31dd2736103af51e8f08061b4033aca9	PE32	2021-07-27 10:02:05	User Submission	YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_files_operation YRP/RC6_Constants YRP/TEAN
059dd7e81265ce033d71a4cfb42549af473d70c5a8d50bc55e741f413b6e94e5	PE32	2021-07-26 16:05:09	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/FASM YRP/powershell [+] YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/spreading_share YRP/win_files_operation YRP/Big_Numbers0 YRP/RC6_Constants FlorianRoth/DragonFly_APT_Sep17_3
fa2211196f5c745170fc3c0b69a9e1a0774f6894601879373df3f9d3ad0a16e0	PE32	2021-07-14 09:00:39	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Random YRP/Delphi_Copy
ab1bb4b8b9b1ccd7feba453c38ca1c64864e8170bbb304ab187455d4b63f87aa	PE32	2021-07-14 09:00:34	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/Borland YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/contentis_base64 YRP/win_registry YRP/RC6_Constants YRP/UPX YRP/suspicious_packer_section
b9a1c2a5ed66d7d8acf7c41a44fd0534cecf86a8e673e389a4e5b01c79d29c36	PE32	2021-07-09 20:01:35	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/network_tcp_listen YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/CAP_HookExKeylogger
868969eb84b4eb9e2248bfcd785c816f407b4a322ae1ca86b24954af0ba904a3	PE32	2021-06-18 03:05:19	User Submission	YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_private_profile YRP/win_files_operation YRP/RC6_Constants YRP/TEAN
5f156e7a8c86f7760b4448e314394c8e6e98cad8e385ec32a047c5b86ead953f	PE32	2021-05-29 15:00:47	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsConsole [+] YRP/IsPacked YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/Prime_Constants_char YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
3c65c9a9f10c2856e47f3303c108b63dfecfeadb81697e50ad144ed9fa0eca0c	PE32+	2021-05-04 03:57:26	http://159.69.142.67/HD/t1.exe	YRP/Borland YRP/IsPE64 YRP/IsWindowsGUI YRP/IsBeyondImageSize [+] YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Random
333903c7d22a27098e45fc64b77a264aa220605cfbd3e329c200d7e4b42c881c	PE32	2021-05-04 03:05:46	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_DLL YRP/IsDLL YRP/IsConsole YRP/domain YRP/IP YRP/contentis_base64 YRP/network_tcp_listen YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
2e4b77ab660a468818766f1b7aefdb63ec732f6643d19d7edb1db1c4ea0f26bd	PE32+	2021-03-29 00:05:55	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
c8e9a98afe5da51868d1efdf159672405e1d9116c5afc2d557f178579709a3fc	PE32	2021-03-02 10:14:05	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
847776492d9e151dc7ee0e19b8490da92e7565e16ead453162e73df39cc692c3	PE32+	2020-07-08 19:29:54	User Submission	YRP/Armadillo_v4x YRP/IsPE64 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/domain YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/CRC32_poly_Constant YRP/RC6_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
6044a92189ff1d1f874f983e27ef656d78a0c0ae497bbcde4e5d823612fbc0b4	PE32	2020-07-07 23:29:12	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsConsole [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/win_registry YRP/win_token YRP/win_files_operation YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Delphi_Random YRP/Delphi_CompareCall YRP/GenerateTLSClientHelloPacket_Test
6a16fc7b7ae59014be135f425639a855743b996b853ba42d05e45bfa246a902f	PE32	2020-06-30 19:58:44	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
6a134e14e2f25a1a6404afad2bf2814d903a8946c2b89a1e7d4a1573115c756e	PE32	2020-06-30 19:33:34	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 [+] YRP/IsConsole YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/vmdetect YRP/anti_dbg YRP/create_service YRP/network_http YRP/network_dga YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Delphi_Copy YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
11cad60ec1efe84484a02a8d1babe27ad47a0548174ba812578c3724038fe1bd	PE32	2020-06-30 05:59:38	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
118987d1a067bbad3792430471aff06a16ed3b1154bd519e0011efda93fb6da6	PE32	2020-06-29 20:56:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/Borland YRP/PECompactv2xx YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/RC6_Constants YRP/Delphi_Copy YRP/suspicious_packer_section
110e644147690a46c4d96894f353d56c8cede9a22cd6b9b8be579c4622d94eb9	PE32	2020-06-28 07:01:34	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
117a25562c43ae1481e49dfe5b1a25b251376882232dbcc27cd1132943038541	PE32	2020-06-27 19:52:56	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
11704ad537a2cbace04bcdaeae00082e1bc332e395dfc829155caa81bc47c1d9	PE32	2020-06-27 19:47:30	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy YRP/Delphi_StrToInt
11d7b658423be720e7bda20efedcb61a8be50e2fba45a88e5fe9c598d4e726e3	PE32	2020-06-27 17:13:25	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsConsole [+] YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
11bf5736650e05f4a0378f452fed65cec16ad7fca3b2af4ac91267d067a7654a	PE32	2020-06-27 12:45:16	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsConsole [+] YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
1138bd2df564adc9c463139adfa6ec9adec4096b43a24bf47a6f087ea6f4b36b	PE32	2020-06-27 10:57:18	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
113e65421ac54b929fd601ca349703cf0ebf402f5187d32307dcb58b6001e1a6	PE32	2020-06-27 10:36:35	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
11197357d44e71c336c007f2b6383f6af78a01bb14b2b9c67b9bac74b143aef1	PE32	2020-06-26 22:57:42	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
1111422c7e208242eab14aee124707ccf36bd9589d816ca11fa23eb58b518602	PE32	2020-06-26 21:35:26	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
a64531cbda6e442cd3f3e351d73d4086bce009fb979ef90b28f6fa45122f5c8f	PE32	2020-06-14 03:04:40	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_DLL YRP/IsDLL YRP/IsConsole YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32b_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
34e619de046404d3aeb191bee99a5bc97ca4808e2afa1f3a8a3c3e028389bf27	PE32	2020-06-11 12:05:52	http://176.123.7.51/22JUM.exe	YRP/IsPE32 YRP/IsConsole YRP/IsPacked YRP/IsBeyondImageSize [+] YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/win_private_profile YRP/win_files_operation YRP/RC6_Constants YRP/TEAN YRP/suspicious_packer_section
a48feda3d42e2b76d9a8404ad8a9d30b7145ce5db2119ffeeee7884178826040	PE32	2020-05-18 03:05:18	User Submission	YRP/Borland_Cpp_DLL YRP/Borland_Cpp_for_Win32_1999 YRP/Borland_Cpp_DLL_additional YRP/Borland [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_cpp YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/FGint_FindPrimeGoodCurveAndPoint YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Str_Win32_Winsock2_Library YRP/CookieTools YRP/GenerateTLSClientHelloPacket_Test
a87532559747d7f64bea109f557cae4a4629a3aeab8dda844cbf67a64f61da00	PE32	2020-04-01 14:54:28	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Prime_Constants_char YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
3f5ea3420bf62752f8552aa1af5253b4c441438530f16f2dae2105959835b364	PE32	2020-04-01 09:34:29	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Prime_Constants_char YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
cb0bbd70ae4459a7f9d96bb5259b1a99a5c395f51330f018886ca408c2155f0f	PE32	2020-03-31 21:24:26	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Prime_Constants_char YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
1c035eb0c7e4ed9912e5aed0d49a1a710333498b88d089c91eb1c8de0e6e0d2a	PE32	2020-02-22 03:17:32	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library
f4df5590ce59334323fc24b1c8db6d8d5235c8bf61477429276d677d28916e78	PE32	2020-02-22 03:16:39	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
f922e90c24833ec3431d6367fd9cb51fe0a828bdf9afb77a541d9e156e8f7c05	PE32	2020-02-22 03:16:35	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/keylogger YRP/win_files_operation YRP/Prime_Constants_char YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
27a34415f28cc70003e3f485b935b1f70b3b3d7fbe89f7703763117e2ee4ebf9	PE32	2020-02-22 03:16:28	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
721b1d49abe50d0053d3916650d66e4061e96fd4b2bc64f257b407bb947d47c4	PE32	2020-02-02 03:18:23	User Submission	YRP/Armadillo_v4x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_mutex YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/TEAN YRP/WHIRLPOOL_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
e7610b6b25734ec00440bfec6f771da8fec637d443ac2774fd89bd105473e57c	PE32	2020-01-15 15:32:27	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
d93220789ff5531c4fc981c54c33b88ed95e765bc2e42c44d8ddb8e7208cf338	PE32	2020-01-15 10:48:16	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Browsers YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/VC6_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
234a0f1456c06ac5db71edb362a27228f5a57edbd457909751c308ea54a17750	PE32	2020-01-14 03:01:21	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers0 YRP/RC6_Constants YRP/TEAN
9442279972ba6877ad112082ce7d76b20804553d8ffd4746a4ee62859dc146c2	PE32	2020-01-13 17:32:01	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/disable_antivirus YRP/network_http YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/DES_sbox YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5bff428c17f0ef007ef01eb3a911c39313be8a68e36f8d055e60a7b047698427	PE32	2020-01-13 17:31:43	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/Netopsystems_FEAD_Optimizer_1 [+] YRP/UPX_290_LZMA YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/Netopsystems_FEAD_Optimizer YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/upx_3 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/CRC32_poly_Constant YRP/RC6_Constants YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
3b1929c8313eb1c7e1022f36945649f231f87184b1da324d58ef76f3b02e8663	PE32	2020-01-11 03:34:38	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
d039bb91c3540394cd3ebb71d49d0491257e9082175fe745278906d1f5401312	PE32	2020-01-11 03:33:27	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/keylogger YRP/win_files_operation YRP/Prime_Constants_char YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG
cf76411a98752b6f2cf021d9b4c54c7f41620f4ac492df7c8c976c950b35762b	PE32	2020-01-11 03:33:02	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library
79723cbc2234e26aae3111b8c7b6711da68a46d01e5808598a1492e49c331f60	PE32	2019-12-24 00:04:54	https://fmjstorage.com/LTCOB.KET	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/RC6_Constants
d23ef47c963206ea32f12e63071b214bdd9928c233e8eb21e98580d17b157411	PE32	2019-12-15 03:01:35	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
16272806bf292163455c4904e325de633dcf916959f1ea20058698f83df88ef8	PE32	2019-12-02 18:30:58	User Submission	YRP/GCC_RealBasic_FreePascal_signII_ASL YRP/IsPE32 YRP/IsConsole YRP/Cygwin [+] YRP/domain YRP/url YRP/contentis_base64 YRP/android_meterpreter YRP/Big_Numbers2 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/BASE64_table YRP/suspicious_packer_section
381af22461e29d69d92e0df3abcdfdf24d28532354374aea55957579ef1cf2bc	PE32	2019-11-24 14:53:32	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
0bc4abb02a63a82bebff77c3e384356338d5fbb475721d863a14702ff63cc2ce	PE32	2019-11-24 14:45:13	User Submission	YRP/Goats_PE_Mutilator_16 YRP/Goats_Mutilator_v16_Goat_e0f YRP/Goats_PE_Mutilator_16_additional YRP/Goats_Mutilator_V16_Goat_e0f [+] YRP/GoatsMutilatorV16Goat_e0f YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/CRC32_table YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES FlorianRoth/DragonFly_APT_Sep17_3
7b350d24ec216e694e6711c7da8bdbba41ec83a882daca657a85cda450635957	PE32	2019-11-24 13:00:53	User Submission	YRP/Microsoft_Visual_Cpp_v60_DLL_additional YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasModified_DOS_Message YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_dropper YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
5810e75cb29b2e4e2575a8f01a3cf46869d3f51d611b13b8c5b80c36bd0acbfc	PE32	2019-11-24 12:20:43	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
3af2121dbe3d810c7287f46e2271263d42044916cfc4d5eaabf91b44b5a152e8	PE32	2019-11-24 12:17:33	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy
9dbb15b75f0302399c3fcff6c3d9205d3e1f7d4d7634e3d92eb474429ad81dcc	PE32	2019-11-24 11:42:44	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Copy YRP/Delphi_StrToInt
fabd44f5cb477f629eea8dbde54fab6830d37fee661caac05826b3a92920bfaf	PE32	2019-11-24 11:34:11	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/network_http YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
ff7409c7639a96584be69dbd9c81dc843f4c65902489331a80c68806e721cf9a	PE32	2019-11-24 11:23:02	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/RC6_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt
ddeb368d9aa2f89adfed15b3c1bf17efdfeccd937858368f45e07ae8e1cf8de1	PE32	2019-11-24 10:46:36	User Submission	YRP/Goats_PE_Mutilator_16 YRP/Goats_Mutilator_v16_Goat_e0f YRP/Goats_PE_Mutilator_16_additional YRP/Goats_Mutilator_V16_Goat_e0f [+] YRP/GoatsMutilatorV16Goat_e0f YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/ImportTableIsBad YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/network_ssl YRP/CRC32_table YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES YRP/CookieTools
ccaf66baefb99be423843be30196795b9f7a44d86b1c2b044a74beebe1c4d642	ELF	2019-09-16 03:38:44	http://54.37.185.239/oscam	CuckooSandbox/embedded_pe YRP/possible_includes_base64_packed_functions YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/CRC32b_poly_Constant YRP/CRC16_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
5c5919c660742b850915446083a6c2dec33fe63e0b97cb1a27081e5b88837a3b	PE32	2019-07-30 21:56:35	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/vmdetect YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RC6_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants
4f3db8eb6a92c35312e30f7fdcb9a963e2a8273efcf4e88cd4df01feefb8293c	PE32	2019-05-25 00:56:28	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsBeyondImageSize YRP/borland_delphi YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_registry YRP/win_files_operation YRP/RC6_Constants YRP/Delphi_Random
58760750029ed58aaede88892b1c5d81a525adb2bbb5aee7e48f927d43df44b6	PE32	2019-05-25 00:45:11	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/RC6_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt
bd5d3ebe6150f53c1535e1667a18bbd4831751a414e7518dc8e1d15a19db95b3	PE32	2019-05-25 00:44:51	User Submission	YRP/UPX_v0896_v102_v105_v122_Delphi_stub_additional YRP/UPX_v0896_v102_v105_v122_Delphi_stub_Laszlo_Markus YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional [+] YRP/MSLRH_V031_emadicius YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v122_Delphi_stub YRP/UPX_wwwupxsourceforgenet YRP/Borland YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPXProtectorv10x2 YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/RC6_Constants YRP/UPX YRP/suspicious_packer_section
4c75f7de452cf66eddd2bd2313419f95b43704677b1b9ab21b809e80b38fd018	PE32	2019-05-06 20:00:34	http://dl2.soft-lenta.ru/L21pc2NlbGxhbmVvdXMv...	YRP/VMware_ThinApp_V4002200_VMware_20090124 YRP/UPXProtectorv10x2 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/win_registry YRP/CRC32_poly_Constant YRP/RC6_Constants YRP/SHA1_Constants YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section

Recent Searches
yrp/rc6_constants
yrp/whirlpool_constants
yrp/armadillo430asiliconrealmstoolworks
yrp/sets_pos
yrp/nspack_v33_liuxingping_additional
yrp/derkziel
yrp/trojan_win32_plainst
yrp/fgint_ecpointdestroy
yrp/miracl_mirvar
yrp/telock_v098

Search

Recent Searches