MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
8426fd32ca58e7c77d51f9ee9f13dd84e7ef07ee1fe028b55fde07de922e905b	PE32	2022-03-20 22:00:12	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Prime_Constants_long YRP/RijnDael_AES YRP/Str_Win32_Winsock2_Library YRP/GenerateTLSClientHelloPacket_Test
7c321e4c1f7dee37aab2fd65d50987b9502a3700348ef2ab08d79a952ff27ab7	PE32	2022-03-20 21:00:49	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Njrat
fa7ad019008c5bd1b69b90de051e62e91d5e81350ba6200be27d5851a8fa391e	PE32	2022-03-20 15:32:27	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/anti_dbg YRP/disable_dep YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d44670b7dede4487ecc7d4a61f28a0462591fac8d303aa36b8b376001c79111d	PE32	2022-03-20 14:11:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
a1c644a64801c61e1649517c3debc28b194b4f9d43e1a99bc28724f652c3ca5e	PE32	2022-03-20 12:20:19	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
9486d93dedcb4e1eabc7ab1c778b01459f8afc13aba9d3017e20003c22476100	PE32	2022-03-20 11:49:31	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/ThreadControl__Context YRP/SEH__vectored YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
88b42f4e9df2396dec56cfefe1ffb73f0ba183240ed8341399960f22687bf019	PE32	2022-03-20 11:26:15	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/anti_dbg YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/Str_Win32_Wininet_Library
93f0d08b71ee7e46d00f76300de83a057b22103be7b981eb80e6631eea85b709	PE32	2022-03-20 11:00:19	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Big_Numbers1 YRP/Njrat YRP/njrat1 FlorianRoth/DragonFly_APT_Sep17_3 BAMFDetect/njrat
fa97db58a7d2d7caf8c20b1fd651916b4ccd46a4159195864face96757cae8b3	PE32	2022-03-20 02:24:10	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
88959bc277fb2a520b173e11ba4e52e5602e64091c38089d77c0f0e9ecf7aba9	PE32	2022-03-20 02:22:01	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
ca33fe8b4199da190bef8a576c3e114cb87b1b66c611f850310032dd36be4fb0	PE32+	2022-03-20 02:18:39	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
10641a603b3399922ec82a983e6098e8fcea728054d806440012226b3fd379c1	PE32	2022-03-20 02:16:31	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
44bbf648ecae541ed82fc45b923bac8c06a5a029f110def3fb16bc200e095c69	PE32+	2022-03-20 02:11:27	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library
fa3a9fbeee52cc531318ec3065626ea57c0324515e432b8a5d5719ed2860c993	PE32	2022-03-20 02:05:32	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Copy
6e4577bc7c8dca940fddbe57b543153e75abd39d261faec403efb8a5a35d243a	PE32	2022-03-20 02:02:23	User Submission	YRP/ASProtect_v132 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/create_service YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
49dd443a920c91b21031401b2cd703dc4d48f78c45134caffb9a449116c1853d	PE32+	2022-03-20 02:00:22	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation
41c1fd113e1ce21fb983a56e052608693c0ae0cd90b7948d11bb90ac72991ecb	PE32	2022-03-20 00:12:46	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/Obfuscated_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/sniff_audio YRP/cred_ff YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API FlorianRoth/Malware_Floxif_mpsvc_dll
f0e32e7fb7c37a8740b558745334cb526675456d1e945ee999cf01d4c7e30919	PE32	2022-03-19 23:00:25	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/disable_dep YRP/keylogger YRP/Njrat
89a9279a31e78ceb036d8be5b2e3c7aeb1021a05cff7bbd5e5025250c911234b	PE32+	2022-03-19 23:00:19	User Submission	YRP/possible_includes_base64_packed_functions YRP/IsPE64 YRP/IsWindowsGUI YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/disable_dep YRP/create_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
0718244177a1cf69342f09c7733cc9cb4407f0145175553d591af5d818a28fef	PE32	2022-03-19 17:00:33	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall YRP/UPX YRP/suspicious_packer_section
87ff00329e3ebad98a23cf98e0131127fb419858951bcef4ac89cee791c5b445	PE32	2022-03-19 02:26:20	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
0aee938135e7aa73d7e7f539e26ae8bd9ecc5b6f4d3748bd193e94db31a9a71a	PE32	2022-03-19 02:12:40	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
9b30071b10d83a0402df72f702bbdf621f699a9819ed617265741775d5f918a0	PE32+	2022-03-19 02:08:26	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
f832c9561ca88b8e9ddb0720c70dc4284c89a103a956d15b95939db1375624d4	PE32	2022-03-19 02:06:24	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Http_API
ca035772c4c5c1e071b4773b2deb2aa85657c2212bc29d9f91bd3af45544989c	PE32	2022-03-19 02:04:56	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
700fb4ddefeb44933ad0dc572a2d3f920024b9f69d597bde075666e24ad93351	PE32	2022-03-19 02:02:07	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Http_API
39b4a0d1f40843f6c55c235eef670d3558e1d8f12a22cc0ee6b4a7135b042aba	PE32	2022-03-19 02:01:57	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
7cc4f1580d6f425b3025bdb83a4782bea363f6d8c1c7fa6374e159aa06327ca2	PE32	2022-03-18 15:00:54	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Big_Numbers1 YRP/Njrat YRP/njrat1 BAMFDetect/njrat
43c76cdca2ccc1cf972b36d384d367e6d521b574bda36f09e38319ce0d9897bf	PE32	2022-03-18 02:36:18	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
09119b9800a3b928ddfdf328d50d89e38dec1e5db73fa8da8bc3856238b8a24d	PE32	2022-03-18 02:32:50	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Copy
c33a7c85b6f0df94a2cfce0be2df2ffc211515210d02d6892a808b768f9f32f9	PE32	2022-03-18 02:22:21	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall
7816f3c9c1c2f18fd7b9fe0191de54d2bc97fbfd970e4e44c94de51d0d562b7f	PE32	2022-03-18 02:22:06	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
ca49097335b3d47f5686d7c609f866cdf7ee949eda7059df8a962cf0702d9c67	PE32+	2022-03-18 02:09:13	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library
6adefb22cd3d29700f312bf22902ac40a89044f38c428234ae0f25588fafb9d6	PE32	2022-03-18 02:07:54	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
4a342bfe78384a69f32343586ac44337a4cfe56f9ad0da53554f1f710e204f26	PE32	2022-03-18 02:07:20	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
0a4b6eb3fb7224999af6a467ec04008382ee3ad9762fbaaf858fa1c3bf08e269	PE32	2022-03-18 02:06:21	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
3283ed0936dec0dabc46ed01b8dae77efffd70e28d15ed62b73320966f197729	PE32	2022-03-18 02:04:42	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Http_API
2b96020d8b2dbb9c19a9957c3916d647f355ba801b675f75036ea70cd074d2d9	PE32	2022-03-18 02:04:29	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
711c8471d89344608e80bfa218cb43212bbd6305ee32bcd0657136e52a435751	PE32	2022-03-18 02:03:33	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
543df65661d5868715d33476df677bfdc8b15d3cd7e013d442cd88fc8e7e18e9	PE32	2022-03-18 02:02:36	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
019f56fc6c2d5185101273fd4d4d046c7a81f6656da4048a7188cb339c73d393	PE32	2022-03-18 02:02:02	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
8abc0bfb7512996e6525448701d4a186e852565c91d562b95a7cd3d69c89c52b	PE32+	2022-03-18 02:01:36	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
b912d4702316d3ecc81d24694a642ccb8b898714ebf6e0c2bbe011fb0c319222	PE32	2022-03-17 02:22:49	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
21c798a7d465f977ad9ea0da21c002075752d6b8c7aec10a999eaf171a0915ee	PE32	2022-03-17 02:21:26	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
183714cdc8f02bd49f5fe6c4bdfc2b99d88a02724049d57dd53911e48fb97224	PE32	2022-03-17 02:10:39	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
da16a0d5020d0e4a5a8a751b949b2adac00ac83d8ccbe0ef80f574703b98b281	PE32+	2022-03-17 02:08:55	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
3d74d778ca28d0ea624c6477efa6f252da6468083c3f0def72dbce0213dda16d	PE32	2022-03-16 02:44:14	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
10730323baa57f8025db1960e22bba0829614a97d5ae0b0bd3869f06a22fe32f	PE32	2022-03-16 02:42:20	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall
089f4881e15fcb22d080428ce0335ce61b6faf910d02bbb5286157c9489671d9	PE32	2022-03-16 02:16:55	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Str_Win32_Http_API
c2e87800db54e6dc5e3e71a47fc722806c04f2d872b3e274fe1b5db081e6f5eb	PE32	2022-03-16 02:15:25	User Submission	YRP/ASProtect_v132 YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/create_service YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table
b429896b309d7938a80a817bf25cd99c2f4633e029f292c2cd7ab1584c2a9b9e	PE32	2022-03-16 02:14:20	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/disable_dep YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API
cbcd7e388b8aaffafac41297fc429822ed5ac3f4727274592b7bb0fcec35185c	PE32+	2022-03-16 02:14:00	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/disable_dep YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API
076b4c9e172a29a4a4223c736d9e386a64cdf35d1c7d7b2db3c570d86e43b7f9	PE32	2022-03-16 02:13:19	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
ce27b33abf004ad24027146765811b4cd4a3a8f1f7ad8f1b5d896d6238d91003	PE32	2022-03-16 02:10:45	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_Random YRP/Delphi_FormShow
30cad8ab138fe687c46581f37aa6288b609f1a37c3ef250a5a09691efc2d59b9	PE32	2022-03-16 02:10:22	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
18099837d8fadbd041d1c3b1b50c8d5644491dbe512f9de87eb8b3c6fbf92cfd	PE32	2022-03-16 02:08:55	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
1826249d68178006da5d1d5d254483fe510c186ec3738215c7b156ca8112782a	PE32+	2022-03-16 02:08:27	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
404690bd85b3c7b852503976a624b01206cd102e4ccac99959b54d5773571030	PE32	2022-03-16 02:04:59	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
77358157efbf4572c2d7f17a1a264990843307f802d20bad4fb2442245d65f0b	PE32+	2022-03-16 01:19:46	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
fbc66b75d41324979e33746db3865526f64388a2dc3f8dc50e7fdc1d7bcbd763	PE32	2022-03-15 23:04:32	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers4 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/BlackShades_4
39586d1d2708b26ebcb188599b9564f8657b879f32c27c1a156288c0399fa83e	PE32	2022-03-15 18:04:06	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers4 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/BlackShades_4
b6137dce9ddca24ba720d65ffb2fadac112e268e3be6e82fdd30c778f34249c0	PE32	2022-03-15 18:03:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers4 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/BlackShades_4
bce0ea4a85e5bc6af2dfe91b1ceef3416f210aa4f5c9cf8e6adf1b7f4aacf874	MS-DOS	2022-03-15 15:01:13	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
023b8023103c7552edd26f2f822f07dfdddb3e45bc6f512e22a994dfcc7e0b37	PE32	2022-03-15 14:01:26	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
201215fdd6ba159d22621f2424f75b25fbe6dac1c85126e174e4ae999ef88111	PE32+	2022-03-15 12:05:25	User Submission	YRP/IsPE64 YRP/IsConsole YRP/domain YRP/contentis_base64 [+] YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/disable_dep YRP/create_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/Str_Win32_Winsock2_Library
8eb91c20f5f5dd0878a5bca1fdead8a5d860f0842b2f7123c062db73ba36b2ff	PE32	2022-03-15 08:03:22	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers4 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/BlackShades_4
6d20a6f85f4fcafe0a962f8935b234b813ff62f83ac40fc1d6560df27f56140c	PE32+	2022-03-15 02:05:04	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation
a5875de43cf8340cfb1519101751ce20b6be782e2e671e18e165b57c7ed77cc1	PE32	2022-03-15 02:03:23	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
2ae978b0b585cc8abef0d5b40ce4327a869cf7046fbb4fcbc29987ad99c0afca	PE32	2022-03-15 02:01:35	User Submission	YRP/possible_includes_base64_packed_functions YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional [+] YRP/Borland_Delphi_30_ YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
e806f1a9a73dd6dfdefd352e56a78cfef7e25c30ff96764a62e3e2c963c63c0e	PE32	2022-03-14 20:04:54	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall YRP/UPX YRP/suspicious_packer_section
7cef1246b0ea1a39d4c463e7bcac2888434fc233588e39a35036aa0fe1a6c03d	PE32	2022-03-14 20:01:08	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/Njrat FlorianRoth/DragonFly_APT_Sep17_3
9531b2062aa7a49bc141d406496202c741cd77c290bfb270afd17a6a667a61f5	PE32	2022-03-14 17:03:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers4 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/BlackShades_4
b9394bada68ab53e38dfc90819a1674cc7798ef507610fc0f596b2cb51d95edb	PE32	2022-03-14 14:01:49	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Copy
0894ae0db1e06e2b0b004f136839e674c2c791731e9377636717824429c18c07	PE32	2022-03-14 11:04:11	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/disable_dep YRP/network_dns YRP/win_registry YRP/Nanocore_RAT_Gen_2 YRP/NanoCore FlorianRoth/RAT_NanoCore FlorianRoth/Nanocore_RAT_Gen_2 KevTheHermit/NanoCore BAMFDetect/NanoCore
c7a41760765b72d1047f807c30074f8a890cfd4d2323e27610a26ddcdf4c8f08	PE32	2022-03-14 11:01:53	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Njrat YRP/win_exe_njRAT FlorianRoth/DragonFly_APT_Sep17_3
080b7ef0046b6b9f7b805dc02b796f0bb1a24de16c08af48bd3753324eb3426f	PE32	2022-03-14 10:03:07	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Copy
7c7ef413f202f872188b5f8bc03da7bcdc949e173e5ff36b3babec039df3e7ab	PE32	2022-03-14 06:02:17	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers4 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/BlackShades_4
d10f117516df0d5dba43a98df06be55451ab3817ff157e1bc165d719a6f32f7e	PE32	2022-03-14 05:13:55	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
afdc3d72032d56d1fab0c0ef624b2cc52abc7212cc8a7260a9e410ec948fd92e	PE32	2022-03-14 05:10:17	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
d0c8ca7027639de3cdf9c1cfdfffed28408fef63e82ef0127eb880c0e6418a35	PE32	2022-03-14 05:09:28	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
d03ab9efe6c4b84da403147aec28dd95f913996ba8e42fae209ae94304e86ffa	PE32	2022-03-14 05:01:00	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
05fba1690775e9cb74ab263fade4cce839f7dc423fe03e943cd158c736b4fd13	PE32	2022-03-14 04:05:49	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall YRP/suspicious_packer_section
004d0086ed2bd7ee006c33f4e004e14be04e7288cd698db9b3ceca7d4e8d0bb7	PE32+	2022-03-14 04:04:54	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/disable_dep YRP/win_mutex YRP/BASE64_table
219b6e30050900a55d0b4feede8b42b26f5b5fb920771be0c6e8b6b87dd75536	PE32	2022-03-14 02:22:24	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
210ff7b7a239a4d0543dd9c809034c0bb8dcd9d1e89529cdbe2a5c249d9e03a8	PE32	2022-03-14 02:21:04	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
d3dcc08c9b955cd3f68c198e11d5788869d1b159dc8014d6eaa39e6c258123b0	PE32	2022-03-14 02:17:26	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/anti_dbg YRP/disable_dep YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant
df578f651c866da80757de0d15fcafa948c09b106a524a5ec4ddc565204a5c53	PE32	2022-03-14 02:02:32	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
5017a46457093b5f67a3088197253aa4fbd4dd0e67657bc687e2fe61e4775e59	PE32	2022-03-14 02:01:48	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/borland_delphi YRP/borland_delphi_dll YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall YRP/Delphi_Copy
da3093ccc4f5a69fcba0bddfd7c214084927116626caced43872f8cebacf3a63	PE32	2022-03-14 02:01:06	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/ThreadControl__Context YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/network_dns YRP/keylogger YRP/win_hook
59d0f1e78929560eb56a7e0c82be83808412086fc93d2d06f6a276f026e6859d	PE32	2022-03-13 23:42:07	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Copy
ff65a8d77ade37fae5f4caccfcf172f26534647c1deae8731ff374a48038d9e8	PE32	2022-03-13 19:02:23	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Big_Numbers1 YRP/Njrat YRP/njrat1 BAMFDetect/njrat
ca8f58041a60ba0fd63ef086198825f17763000986a67e43f16d94148caaf671	PE32	2022-03-13 16:02:42	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Njrat
eef71f71558c00b5c16211b4b937208969c4e460d763015f614c3cda1db7bfba	PE32	2022-03-13 11:02:36	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
580d89e6944aa9415537b77d404919fbaac5a331908b66f62360243fa79f6b15	PE32	2022-03-13 02:27:18	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
329d2b3a286fa405b03606bf5370335cd253d8f0ce84ed5a02a1eed3dd893965	PE32	2022-03-13 02:23:59	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
c0c07066cd8dcfc096de94fbdc75b8d2be6ea44d99dfbd2c40f8ee69b38e9acd	PE32	2022-03-13 02:19:05	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Delphi_FormShow YRP/Delphi_CompareCall
14581a0bc4c7e848601c3f7e34f53075e2d5a9be1a9fd75353f9d82db31232a3	PE32	2022-03-13 02:14:45	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/disable_dep YRP/win_registry YRP/win_files_operation YRP/BASE64_table
c53eb14ac0be060719fa9e46bd107a406242401ff59a1cca2d6a79c2405aca78	PE32	2022-03-13 02:12:48	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_CompareCall
2bc8f925e29f337a8367e9c38aaacb27831a6381c38bfe8cbc24c64eaf49af1d	PE32	2022-03-13 02:11:09	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random
0bff480ea39c98371b4064f7c63b05bae42544d5c475e1447c0f276f12cb80bf	PE32	2022-03-13 02:10:41	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/disable_dep YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Delphi_Random

Recent Searches
yrp/disable_dep
yrp/nbinderv40
yrp/dcp_rijndael_encryptecb
yrp/cyberlords_sql_php_php
yrp/telock099te
yrp/irontiger_readpwd86
yrp/nsfreestrings
yrp/autoit_compiled_script
yrp/rtf_yahoo_ken
yrp/r57shell_php_php

Search

Recent Searches