MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
d42ae9509a110e4c8316bb71949c14a908f38277cbf6b4d2a216ba173aa24e55	PE32	2022-03-11 19:04:32	User Submission	CuckooSandbox/embedded_macho YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/VMWare_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Base64d_PE YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/anti_dbg YRP/network_smtp_dotNet YRP/keylogger YRP/win_hook YRP/vmdetect_misc YRP/Big_Numbers0 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Njrat YRP/UPX YRP/suspicious_packer_section
e21670df59190d3739b19dd9e1d55d321c935ffa38796ddcb69dc85dbae3f4ad	PE32+	2022-03-09 15:47:18	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Misc_Suspicious_Strings YRP/vmdetect YRP/anti_dbg YRP/anti_dbgtools YRP/antivm_virtualbox YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/vmdetect_misc YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
630120dad6e3589a7b7eff848803a5e0ffef468dacc681cae956596c674fab90	PE32+	2022-03-06 03:03:11	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/disable_dep YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API
777a815fde3dedace42c5dc65d1662aa0d95df4e18d317c8162939cc5421eed9	PE32+	2022-03-05 02:31:04	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants
678f915c222a1f18e587549011214b09241661a0f6cd918780252d0f29a204e5	PE32+	2022-03-02 02:10:38	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/inject_thread YRP/win_registry YRP/win_files_operation
ae85e28e2a05a8e927bfc85ca802808bb095432b3654d8dfffb362578cbe14f8	PE32	2022-03-02 02:10:28	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/inject_thread YRP/win_registry YRP/win_files_operation
c33b16e12b88bc0e21a2bd7242941f1a84cd964ca2136c3f7fffddc60ba834a4	PE32	2022-02-26 22:00:28	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/VirtualBox_Detection YRP/Qemu_Detection YRP/vmdetect_misc FlorianRoth/DragonFly_APT_Sep17_3
279d18ed72f35392a7b6868d6a81ec736b6bf60d168742bbc405803c2369ce86	PE32	2022-02-24 10:56:46	User Submission	YRP/Microsoft_Visual_Cpp_8_additional YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/RE_Tools YRP/SEH__vba
c8c8ec284b1b0e19a39a76db7373089d7bf4c3825ef256143c51df125773ec02	PE32	2022-02-24 08:26:07	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature [+] YRP/domain YRP/contentis_base64 YRP/RE_Tools FlorianRoth/DragonFly_APT_Sep17_3
efcd69ef05b3ec798a453017169dee2d044934b46d25860f54e11971b81f5510	PE32	2022-02-24 08:05:29	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/Borland YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
4670db7eae479f6b6adc6292bd0f005443fb325956becd42f0942c568f634dc7	PE32	2022-02-24 06:42:12	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/Borland YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
59332a62605f3bca4526748778be8e374e427b5244a60ab7596625a916099c39	PE32	2022-02-24 03:14:25	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/suspicious_packer_section
67d65e7e20dbdfe14123fef6be59d3cee3e5af718f037a938b3c592f480bede9	PE32	2022-02-23 17:45:29	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/Visual_Cpp_2008_Release_Microsoft YRP/IsPE32 [+] YRP/IsConsole YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/create_service YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation
72aaf1d4021adddfec4fbea5dece0690cd49a3a1a88015379632f69f2e032584	PE32	2022-02-23 15:06:25	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
9deb2a1e6ca71829b0a604a89c48401487ac364be9f284e507ea3df0a003705c	PE32+	2022-02-23 11:58:36	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/anti_dbgtools YRP/network_dropper YRP/keylogger YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Cerberus
1c043a7016d8c5e7d4b0c3a28fc9a680e4544a5ea91747b3a5358e85472899d4	PE32	2022-02-23 11:46:09	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature [+] YRP/domain YRP/contentis_base64 YRP/RE_Tools FlorianRoth/DragonFly_APT_Sep17_3
d79ac03f11b50215188718215c0c53ed5294ce7318af645ce9e4b40427d6a184	PE32	2022-02-23 08:23:13	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
429578e127b2335eac72b69c6ad1b51dca1ef714716ab7eb643a87c1c71acee4	PE32	2022-02-23 07:49:55	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
6b914c792e64e05353b7382a93b1922071ff84d589b7178d3b4c00312df69184	PE32	2022-02-23 04:55:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/RE_Tools YRP/SEH__vba
cdc6f25228e81547f496f8092232bd72a26ea5b12a9539ba1786ec8b090cbc4d	PE32	2022-02-22 22:38:39	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
5450407a14e22321a355c6eebbf5bdf752df6fff9b70a1b449b0f0047e19c3ad	PE32	2022-02-22 22:21:01	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/Borland YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
cd6139ace98a6d01fa730714851e2b401942048ff521b8c6824393e9981ba082	PE32	2022-02-22 22:01:35	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
9ca1304aa2bd91af65e50bd62e384031fca61e6abd5268c74fc7b94901aca71e	PE32	2022-02-22 15:25:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Active YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/network_http YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Prime_Constants_char YRP/Crypt32_CryptBinaryToString_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d5a9b9e5655f1f4ab556ee6d6809f21047a389e3e196334cf50ee56b0cd76877	PE32	2022-02-22 10:37:27	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/Borland YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
d4ac5b3c525a5fd94019d80ff81b552e73b19b1bd0a554b9609cdd5e1b00955a	PE32	2022-02-19 19:42:04	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/MD5_Constants
dcd77cbafb9f454fd8f2455d65a7d095c64f1af7efc38e91b20bf50aa145ef0e	PE32	2022-02-19 16:31:00	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
fa72b4794a1615885cc9b4a5705032b533c578b84166811862c4832ab3e9a55b	PE32	2022-02-19 14:00:51	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/anti_dbgtools YRP/win_registry
d3819443100733fbbafdb09b145f39147b969689be35ba882f23c53ae557b4ec	PE32	2022-02-19 09:49:02	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
4276c0440ebbc54f6f8b6d24cf3936af05eaae86956fb88a433cbc6f212c0afa	PE32	2022-02-19 08:18:49	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/with_images YRP/without_attachments YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Misc_Suspicious_Strings YRP/DebuggerHiding__Active YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_http YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_sbox YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
059d0b2fc33fae4f71b67ca410512d8b14828cebb601927dc1fc1aba8e413fd6	PE32	2022-02-18 21:31:33	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Check_FindWindowA_iat YRP/anti_dbgtools YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
3e768581d69952a1aa7d3c13f2a62e8dea3f31b3347db973b2c9ccbbdb6fd25a	PE32	2022-02-18 19:51:01	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
150ea9171ca16f43495446e67cb37ecce64585cfd5113eac3cbc57ffad972663	PE32	2022-02-18 15:43:49	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
f8fc66da9a78627c2dfb2c89ed0c8f6ce676931712ac19c064b3cdd4fb56bbab	PE32	2022-02-18 08:16:23	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
4b5116ec00c333a6246b87978c4dc355f44a729e97959a4c24f5eccaef428f7b	PE32	2022-02-18 06:37:24	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/DebuggerHiding__Thread YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/create_service YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API
50f5ceb3dbfd18734191f348c954f15cd6eb381f96b619bd6247c7f3d6d45f0b	PE32	2022-02-18 06:19:20	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
51974a07ef3bb4624972a4d0501ca9546aafa38e47db3414d18530a25bdf8bcd	PE32	2022-02-18 04:38:00	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
47e47af20341c14145765f68787684cf09b46278c77d0d1eea4e4525bdedb109	PE32	2022-02-18 01:47:07	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/anti_dbgtools YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
89dcb9307ef18d7e24576267dd04ceca9c9c2de9d51979e1099245beb36e3d1f	PE32	2022-02-18 00:42:47	User Submission	YRP/Safeguard_103_Simonzh YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_udp_sock YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
0799f407e083ea1944188d6c71d684fb6816907a319356b04a8b83305482a7b8	PE32	2022-02-18 00:14:06	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
14752abc7374a0ac87e1a62bf8a5ae387ca47c9cd4aa5b478edb75d7667a0562	PE32	2022-02-17 23:51:34	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Check_FindWindowA_iat YRP/anti_dbgtools YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
caaf4f11844516e2d8ac0167bf2d91ae49f9a7fbbaad14a05b1b7ce899e03ce8	PE32	2022-02-17 23:37:59	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
598606361a3f3f1f2747405ccbedad46df3ace024dc42de1c50a5aad7b2d1315	PE32	2022-02-17 23:32:32	User Submission	YRP/Safeguard_103_Simonzh YRP/PE_Crypt_102 YRP/PE_Crypt32_v102_additional YRP/PE_Crypt_v102 [+] YRP/PE_Crypt32_v102 YRP/PE_Crypt32_102_randomkilla_and_acpizer YRP/PE_Crypt_v100v101_additional YRP/PE_Crypt_v102_additional YRP/PE_Crypt32_Console_v10_v101_v102_additional YRP/FSG_v110_Eng_dulekxt_Microsoft_Visual_C_Basic_NET YRP/PE_Crypt_102_randomkilla_and_acpizer YRP/PECrypt32v102 YRP/PECrypt102 YRP/PECryptv102 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/anti_dbgtools
8d6d58800473aa15b3dac92122e81aed3387c1183965c00e051c50833345abf3	PE32	2022-02-17 22:41:44	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
ef6f7171d53e27f8706857184993105f52cb85ca5d52e3f382c4f61df9f18662	MS-DOS	2022-02-17 22:30:10	User Submission	YRP/Mew_11_SE_v12_Eng_Northfox_ YRP/MEW_11_SE_12 YRP/MEW_11_SE_12_additional YRP/MEW_11_SE_v12_NorthfoxHCC_additional [+] YRP/MEW_11_SE_11_Northfox YRP/Mew_11_SE_v12_Eng_Northfox YRP/MEW_11_SE_v12_NorthfoxHCC YRP/MEW_11_SE_v11_Northfox YRP/MEW_11_SE_v11_Northfox_HCC YRP/MEW_11_SE_v11_Northfox_HCC_additional YRP/PEPaCKv10CCopyright1998byANAKiN YRP/mew_11_xx YRP/IsPE32 YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_udp_sock YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
c2470aa1143e956fe2d358a76f1c1bd2159bf9c98741a8b2b2e94516cdd852bb	PE32	2022-02-17 20:22:38	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
25b23fe9855147f270bdb783107b1fc62637bc3add5d7af0e5ac90614161c756	MS-DOS	2022-02-17 20:10:40	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
99b535bb060b2007c0af7daebb399a18ac0a588fe23561b55ed8f18a2ecf10ae	MS-DOS	2022-02-17 19:18:13	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
405da052dfa5a7af86d3f9a21d1d95ace8c2b3b3c41a16f911867bcbeb543e91	PE32	2022-02-17 19:13:27	User Submission	YRP/Microsoft_Visual_Basic_v50 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/WMI_strings YRP/SEH__vba YRP/WMI_VM_Detect YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/Str_Win32_Winsock2_Library
093539d6c0b424ef136c6fa6c988df77e0b536907d309d815606c04d0afa5396	PE32	2022-02-17 16:13:11	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp_mont YRP/RijnDael_AES YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
9ebbd5d9c017ec33123454a91efc49fcb3449007a14baa7fda963b20eed8c16c	PE32	2022-02-17 15:58:11	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
e2f482e7acc175b2ba31985c20c4eb3678e272c9fdce5dcf4d7e3994688273a9	PE32	2022-02-17 15:42:23	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
156ed85934ac8f6bc77696ad63b69f53905877c80fcc5b08b851dd9f1915b1da	PE32	2022-02-17 15:07:48	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/network_ssl YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Str_Win32_Winsock2_Library YRP/CookieTools YRP/suspicious_packer_section
f456469c4a30f5967d7049de5428e0151eeadac69b62ccf95f52ec76148bc5cd	PE32	2022-02-17 14:40:09	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
19730a36f1fa7d6c76fee1c2d6edf7a2db6bca9c0ec40d154fc7ac227e32c7be	PE32	2022-02-17 14:31:15	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Check_FindWindowA_iat YRP/anti_dbgtools YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library
491dffe2d876db00b68d84ff17482f32bda6ca52d5c136cf0dba249803359e62	PE32	2022-02-17 13:18:39	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
7863c325d6e2e8995aa5cea6a4bcf35b6457d915c239ea235d5e1beea9a6a6da	PE32	2022-02-17 12:47:07	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
b4f3a0964f6ede1bb25e8e2cd8e004b4ab0bc86c4b56a9ed8278e46cbd6f18dd	PE32	2022-02-17 12:13:29	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
e62ecb7cd48fd45abb8f51c64f636fe286fb8670636c9334284b3eb58c90ef6d	PE32	2022-02-17 12:06:04	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
2d553f2c80b9f055d928ed30c5cb4fe35a919978045f0b5510447d9428941285	PE32	2022-02-17 12:04:49	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/anti_dbgtools YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
72cb6b8a5e80ba971dc41862586429b26580c0463e9195bf33768b113ee8990e	PE32	2022-02-17 10:34:31	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp_mont YRP/RijnDael_AES YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
cb5d630f060bbe78662005379657024e2c63d6a680615ec3317149672fd32bb0	PE32	2022-02-17 10:32:18	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
9e566ccc90548c6f09634eab7fe7cacee713f49b3c7c09e812e8a6a9c1944a19	PE32	2022-02-17 10:02:04	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Check_FindWindowA_iat YRP/anti_dbgtools YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
b203c2fde0f198590e5c8ca03483f707d6a999a6840c26fcf6923dfa16641535	PE32	2022-02-17 08:02:40	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp_mont YRP/RijnDael_AES YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
7bcda00bcbd5461a10a2bbdda8834064413b72c3bb5dfd5b4afba08db0cfbd96	PE32	2022-02-17 06:05:42	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
3a6be3abc429d773411dbbb20b89c915f96f62a936231880d473ae6d26c2a008	PE32	2022-02-17 05:22:22	User Submission	CuckooSandbox/vmdetect YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional [+] YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/VirtualPC_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/vmdetect YRP/anti_dbg YRP/anti_dbgtools YRP/antivm_virtualbox YRP/screenshot YRP/keylogger YRP/spreading_file YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate
69986b35096a790ceed66ebfeba3e859ec16dc012f1d5d9bf787ba99ff834ca6	PE32	2022-02-17 00:53:00	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
44479a48d9f2c2ffa171ba62bd9ce7d7980434024e95fbbd9aa770309a51705c	PE32	2022-02-17 00:34:07	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
6281db5f5fe997ad870c302bbfac026a0dbda7802599c3ae75fee7363997fad6	PE32	2022-02-16 23:29:37	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
b2cd4e70e10028d621180d557c50fb1c54865dbac9018f68db15e8050ae5c5ea	PE32	2022-02-16 22:43:45	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
91e4f510784030dd6ec10768057952c9cb5183ad1c82bbb27ec24ae1a29bd5ad	PE32	2022-02-16 22:06:03	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
9b21b0d9ebc54ccd0dbfb193f34885a356da7813e41e6cda23cd04666ba03df0	PE32	2022-02-16 17:16:21	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
9cd86e9b91c3c6cda9932a429e36eb562bd073cd5c7a2d8089d79653502fae32	PE32	2022-02-16 17:02:51	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/with_images YRP/without_attachments YRP/with_urls YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/RE_Tools YRP/Misc_Suspicious_Strings YRP/DebuggerHiding__Active YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_http YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/DES_sbox YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
7ee81ec421ae4c28ccf6a9bde6065139160ad9e576eca404d5bdb86499c6d45f	PE32	2022-02-16 12:43:30	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbgtools YRP/win_registry YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
cccec202eae8ac5d9cb0887037e1e9c2920eaef28932760f77dd7466d5e54ed1	MS-DOS	2022-02-16 12:13:54	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp_mont YRP/RijnDael_AES YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
8119052be7eeba33bd1cd7db6066b207472a75d0ac5d74090e2348dc94d89407	PE32	2022-02-16 12:06:02	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
5ff314287085cec4105b63ba750458fdba6e2887d2d7ff5053bab7bb9cbb4f53	PE32	2022-02-16 11:28:34	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp_mont YRP/RijnDael_AES YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
d9147b5f35079186e63460235884d62cc39162a8e489b24f547aef896523771e	PE32	2022-02-16 11:05:26	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
cc666e4e39fca223bd6ff1b5afe451744c5a3b2babd78e8b444b224b0f7210fb	PE32	2022-02-16 10:50:31	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
e7f25377aa6405a63f363c0e2be40a320ecbc3b5acb9765db89dd1366b56bc79	PE32	2022-02-16 10:37:48	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/spreading_share YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
9974a0f19763f474d3a5677f60f575bd8fbaad17a85a6980a058068664ba5e0a	PE32	2022-02-16 09:48:20	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
b920591ad4c3e257237af59f308be8960c9f02459abd1b5017003e53ad95eab4	PE32	2022-02-16 08:40:44	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
296a6c0501760987994067fc7ecd0056cedd847ce3bcc168a0e0d97c0edf02d9	PE32	2022-02-16 08:33:59	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Check_FindWindowA_iat YRP/anti_dbgtools YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
27251ac0406871a84d316faa6ba70713695b4b1f5d8e3e4a0b76c4f60fd35a1a	PE32	2022-02-16 08:22:39	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
7bf3cb439c025c822715398f0ea487e3237c988347a7c8e719699bfafa01e5c7	MS-DOS	2022-02-16 05:09:00	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
cf9fe340eed1b37ea28236b516e0a6653cd14014412260649827fa322eefe960	PE32	2022-02-16 05:07:15	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
0e8ff6ab15051141865a58e67f9f3c36280afa5d59b69d1746e03eb570b6b8a3	PE32	2022-02-16 04:02:14	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
c6cc5e57f80d6a0490f55cd44e0a4cbcbac01a742802e5e5a4dd076c7988469c	PE32	2022-02-16 02:59:35	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/OpenSSL_BN_mod_exp_mont YRP/RijnDael_AES YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
228269285b6eed9de427c53b4a50b5d92343da4b5ddb532a9a338fc8fee09be2	PE32	2022-02-16 02:10:15	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
4c65429d47d583f5bf5b21219d2c81b5186733321eb447bddd83d68836f1fc47	PE32	2022-02-16 01:49:45	User Submission	YRP/IsPE32 YRP/HasDebugData YRP/IsBeyondImageSize YRP/ImportTableIsBad [+] YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/anti_dbgtools YRP/network_udp_sock YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_irc YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/spreading_share YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
803948df419b8f0b90a7948d9c7f3407dcc2b968449f8a9201cc99c4abd8f36a	PE32	2022-02-16 00:10:09	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
8ad0db91e0b7e477acb58b665559173aa778e309bdbead0257a8979443c88675	PE32	2022-02-15 22:55:22	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Check_FindWindowA_iat YRP/anti_dbgtools YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
9d76b77758e5bbe93931e8ff30d297c255a55caaa20f4cf94c609e2534b7bcca	PE32	2022-02-15 21:10:36	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
36abc802d368f356b01cb027e916d8568d14677f7b7e33287af4e26ee7485cc5	PE32	2022-02-15 20:55:44	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasModified_DOS_Message YRP/without_images YRP/without_attachments YRP/without_urls YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbgtools YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_irc YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32_poly_Constant YRP/CRC32_table YRP/VC6_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
4d5ee87da426d190fa246f8d2f405a2d44973ea923fd1408c57f24daec96b707	PE32	2022-02-15 19:53:59	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_4 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/inject_thread YRP/hijack_network YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
c03affcc6f63f4b5d6b64929c06c8460e47d5362c039e2b4f08eabe34a7c46aa	PE32	2022-02-15 19:30:42	User Submission	CuckooSandbox/vmdetect YRP/Borland_Delphi_40_additional YRP/Borland_Delphi_v60_v70_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC [+] YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/contentis_base64 YRP/RE_Tools YRP/VM_Generic_Detection YRP/VirtualPC_Detection YRP/Misc_Suspicious_Strings YRP/vmdetect YRP/anti_dbg YRP/anti_dbgtools YRP/disable_antivirus YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
09d79450d48e3f6614a55b30e3b638ace01f62138edd6a8bfec46c998e63fe28	PE32	2022-02-15 18:52:13	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
8a836e3c8f5ee79b8dcecfe72cc5bcb8e04fe94cf492ff7a62e2c8008f424ef3	MS-DOS	2022-02-15 17:54:47	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/anti_dbgtools YRP/hijack_network YRP/network_tcp_listen YRP/network_irc YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
de05a1d52264370195aae40fdd5430e1dd33e8536083b832ad7f16b67452b86f	PE32+	2022-02-03 15:03:51	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/anti_dbgtools YRP/network_dropper FlorianRoth/DragonFly_APT_Sep17_3
34b70bb99e8173a4f5fa2bad6307d2e3d1b3a481d2cf7a40f9ee7bbfec3b0863	PE32+	2022-01-28 02:02:03	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/inject_thread YRP/win_registry YRP/win_files_operation
ff296ae6534c716dc704cc2ab53b96586bfffb40f7266efebc182586abf6c435	PE32	2022-01-28 02:01:56	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/inject_thread YRP/win_registry YRP/win_files_operation

Recent Searches
yrp/re_tools
yrp/innosetupmodule
yrp/simplepack121build0909method2bagie
yrp/webshell_cihshell_fix
yrp/chinese_spam_echoer
yrp/email_ukraine_power_attack_content
yrp/crypter31slesh
yrp/debuggercheck__queryinfo
yrp/vprotector13xvcasm
yrp/sysocmgr

Search

Recent Searches