MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
c27c16af4d315e2022f2bda8d6f7ed9802ca944c3005d70a08f7ca9763b31b20	PE32	2022-03-20 23:16:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
08b4215f1682fe599d8246a5b2dd0b2cdb4545892c47dd6481ade3d2563815bb	PE32	2022-03-19 03:24:15	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
f6ae7232bae7df2bcef0146c867f4288e52c2ff8a365d0d665a20c5d35112676	PE32	2022-03-18 03:24:09	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
3e022380a4b739fa20d9a66ddf0e7f814b6b46ebe603b19f85bd6261408bd2ca	PE32	2022-03-18 03:21:03	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
d08dd2a47f0201bcc488dc7c5bef4ee61bbbc02b26941567ae33b5016fd643d7	PE32+	2022-03-18 03:03:57	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
461e0c83c06e8d9a92f96883f823db68d910fee85faea7af4b6ccc5fa8284905	PE32	2022-03-17 15:02:53	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
dae84e7d788ebacc7079cc34a271010ec37e05eef3a679a8732b736e94eb3057	PE32	2022-03-17 15:02:43	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
386b39cb3cc76bda5984f68ee427314c61166aff557d9c243fad0d6b731293c9	PE32	2022-03-17 15:02:31	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
02da26837a1d99bdbfb6eb4866b4b9e9f07feb82fbc7113b40aa83183882ee69	PE32+	2022-03-17 03:09:12	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
8e072ac9ba7b4487da747a25965038893fff1005cc4368c762e9164b460731fc	PE32+	2022-03-16 03:32:22	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
bce0ea4a85e5bc6af2dfe91b1ceef3416f210aa4f5c9cf8e6adf1b7f4aacf874	MS-DOS	2022-03-15 16:01:13	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
3232e15d7946e004441eb6c5440392fd8fb6f6d1f1408c11c875dc0abdafe26b	PE32+	2022-03-13 03:25:58	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
e69119392e8dc2aa8ee19a8b2cf7c222c031766e2cf3d90a2346cea37ec807ba	PE32	2022-03-13 03:21:16	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
5fc2f56298b7ce631a839f63f8f1acb4168ed95f2857f0e38974a4a686032f62	PE32+	2022-03-13 03:18:36	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
c37c539ad9b586347d5403b6c3a713a1d5f73dbbb52f9d90a8ff9b26829df541	PE32+	2022-03-12 03:07:58	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/create_service YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Http_API
e1ca3752e78fd6542bef3c50958c220e6a767a360a90c243ff2948f2c08fd453	PE32+	2022-03-12 03:06:23	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/create_service YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Http_API
ff2880d62335ef3f28baa447b4372e15de6919f2e57674c569574bc4bfbac348	PE32	2022-03-11 04:01:55	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/MinGW_1 [+] YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/migrate_apc YRP/win_token YRP/suspicious_packer_section
707069270cec39d33751bdec4100130b0df6416b5428b5e99ea0519c32dac48a	PE32+	2022-03-11 03:12:34	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
723894dd9c2f37d7cad7b1504df30ea3c21a660fbd173f6cabc60c890fcac967	PE32	2022-03-10 03:24:48	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
d13c62bd1c7d3d58d5fb3b2ded2dd0a109fc00ac6358c7b895bf52d7c0e5d6a9	PE32+	2022-03-10 03:07:34	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
d02ab32416450b521f3fa92cdcfd89dbf1967120a42a7e68fa8c90fce79101bb	PE32+	2022-03-09 03:11:23	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
758cf777a8e37aff61f37a070bfc67716cc30723035b4ed4692c4fe9717775a5	PE32+	2022-03-09 03:05:59	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
99acd04fc77abe7829c5fb51638d448efbeb7053aa62aa29412fbc3d1321d569	MS-DOS	2022-03-08 15:02:55	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
436d6d226550ed2e15292a65859fc41cde7cde6b34e83e10dff0518036cd1787	MS-DOS	2022-03-08 14:03:52	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
8b5e23b6fec77ca9ef5b22fdbc80ac42d7199c5638b90b45040e0f1038e72b1b	MS-DOS	2022-03-08 11:05:17	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
db30aad9b13c07d82d751d949f2bfa47483f36462f9f49e94878f80088027188	PE32+	2022-03-08 03:16:40	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
a6cec6c55fec3b14c1ed6b03d95d80cf66c5f521dddf452429182d93e8709d81	PE32+	2022-03-08 03:04:26	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
be945e37991c33d8049717156cfb7a7bef64cd753d767803d992d7dbf7a7c247	PE32+	2022-03-08 02:02:54	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/Cygwin YRP/MinGW_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/Str_Win32_Wininet_Library
6256f83fab76ac6aa06ee1ac0cdb5080ba5879e943443ec55ccd748104651b4a	PE32+	2022-03-06 03:50:06	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/Check_Dlls YRP/anti_dbg YRP/antisb_sandboxie YRP/disable_dep YRP/escalate_priv YRP/screenshot YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API
512fd444ea3fd6ebc7cfaca46d9dc288dcfb70c9f0ce7bba979fc1c307826175	PE32+	2022-03-06 03:07:34	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
723d2a3d98ea5a47ac3765a6619959728e0f12139a98934297f61e99261595eb	PE32	2022-03-05 03:28:22	User Submission	YRP/Safeguard_103_Simonzh YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
31f7d8b1a4a342598b783c4802624ac616582a6c1596e6a3d235616137a9a977	PE32+	2022-03-05 03:13:10	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
ca0f93c456260737da27777ac844e7879deca101bc06d971b1a4bd12dbc57f37	PE32+	2022-03-05 03:10:57	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/create_service YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Http_API
778e7ebb2d30b2f5064da36e2622786a065fa57287eab8126ee5795246dc7dfc	PE32+	2022-03-05 03:05:04	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/create_service YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Http_API
149aa3db51fe6f4a04e121e443c89dc3f95ca362f0fc2994dc6e125cd0a676a5	PE32	2022-03-04 08:05:06	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
685981aac330662c79cef6d260e77cd287a66f5fd5f324ebb9d3d40944e9e901	PE32+	2022-03-03 03:13:55	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
6e1e5df7ccf85ed23f3cf98959e47b3a69d59bd0170ae489f37df6c28bd53ce1	PE32+	2022-03-02 03:07:05	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
53b3ebaa3c485772f8e6abaa0f366ef192137496a7064e015ced4e6fc204b3c8	PE32+	2022-03-01 18:01:15	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/powershell YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
93d5291a8c81a426309d688c3b44552824b3dcf4239948154877e895b22de285	MS-DOS	2022-03-01 16:03:10	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
cde070a46442e1a06c722393a335e8c104904a0581d890bf25a13f9c0db39473	MS-DOS	2022-03-01 16:03:04	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
fc456d0ac2cfee099478997953f2c7d4e07b47fe32bb109b1a9e40fa6aceb93d	MS-DOS	2022-03-01 16:02:58	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e40aebcbc975e71e77cd85240d93690a81c876d7045bd9c2284da9dc9ef0efe1	MS-DOS	2022-03-01 16:02:52	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
0e433cfe814606aae06e4299d01d28188ad256bad8f822588c87d69f5160d0a7	PE32+	2022-02-28 03:05:55	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
90221cd8dde719193e1fb0586257bdfb8999edddd8330f1efcd843b3bac5c244	PE32+	2022-02-28 03:04:33	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
a66c599f735faf0d4e2d49e4a4d5fc97e68013e666e5d6d8f0ff840dfde42fab	PE32	2022-02-25 01:54:40	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/network_http YRP/network_dropper YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
51cf8e9e37f5a3204458079cb8ed56059ebc376f4b02c361f2ea13ef39612ea5	PE32	2022-02-24 21:38:31	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/BITS_CLSID YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/VC8_Random YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
b6254a5fe25d225bdfd97167d890fa5864c57762283c7a7826b79b13672811d4	PE32	2022-02-24 20:48:24	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/network_http YRP/network_ftp YRP/screenshot YRP/keylogger YRP/cred_local YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
da15b466803e39c061ade272dfd8a9a36e6170e520d174a7025616c3c96b0637	PE32	2022-02-24 20:25:42	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
7f7f7384f17a1d3087c29296c146b009f327f28ecad1633ebd735618516981dd	PE32	2022-02-24 20:14:27	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/IsBeyondImageSize YRP/ImportTableIsBad YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/migrate_apc YRP/win_files_operation
0e4a7f847a6dd749d4c42f1ad5702261b390c5ce899b0772fd3bd688f5ec2769	PE32	2022-02-24 20:13:58	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/BITS_CLSID YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/network_http YRP/network_dga YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
a878938150b2bf8840c36d6ecfa24c6ef51c7b8bb5bda22b375a2c9b94a3da13	PE32	2022-02-24 20:09:36	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/anti_dbg YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/suspicious_packer_section
67d5d2ca0bd22c536e66ca3a7d506588ecb63f47c473992b9ded2631cded5f00	PE32	2022-02-24 19:10:22	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/spreading_file YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
64fcf7e81c2ba04705b2d38d0dbf03835d8fdd884f11143ae217287988ea83e7	PE32	2022-02-24 18:57:26	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
0f1199b35f20253e59d77faf7b96813a76a2edcb4318c07977741e447ad818d6	MS-DOS	2022-02-24 18:42:06	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/disable_dep YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32b_poly_Constant YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section YRP/IMPLANT_4_v3_AlternativeRule FlorianRoth/IMPLANT_4_v3_AlternativeRule
f23fc6633f6c8d899b411c600f2329f07f424d6d715fe2ced5004b7fafcbd17d	PE32	2022-02-24 18:23:53	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/disable_dep YRP/network_dropper YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
bcb6937e02f84b7f0037e2c1101a5c17b4c6a0baa1bf31e3d41df99766ad4b42	PE32	2022-02-24 18:20:53	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/UPX YRP/suspicious_packer_section
79d5fcf283e22d12c3aaa99a8ab7dc777551c79b0df8907319fae645d877bcc8	PE32	2022-02-24 18:20:05	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/NETexecutableMicrosoft YRP/IsPE32 [+] YRP/IsConsole YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/anti_dbg YRP/disable_dep YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
d19377617d7f834923d277f4eecac3ccbe106c901cab7079d5bdabc60b18fa5d	PE32	2022-02-24 18:13:41	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
5279c7896de735b81d5de9ba4d134c1e0fe518e8bb2dfc6b8461e769ba9dd23b	PE32	2022-02-24 17:54:52	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/suspicious_packer_section
32ea168d42d235c422299d11df6eb9e296dc89d9db0f6a38d3eded9b1a4d61f7	PE32	2022-02-24 17:20:01	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/ppaction YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/network_tcp_listen YRP/network_http YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
83934bae8994eedd37b0fb791c6f485cb2a4483bbf3fceb33a398bfe32e37e70	PE32	2022-02-24 17:14:37	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/migrate_apc YRP/win_files_operation YRP/android_meterpreter
b3383c790246f345bd358fc233f7c743c0c1ac44fe765b8cdaee2ad27dce5632	PE32	2022-02-24 16:30:55	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_dropper YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
ebd079043d11ba87d553fca1f2224d6abe3c495e4880b4d61a290fa8b6248aa1	PE32	2022-02-24 15:50:57	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API
ca16d55e4acc532b1ef59b60a568911cfd26cc2c3ecc8a973eedb119baa87606	PE32	2022-02-24 14:59:00	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/migrate_apc YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
66b6f810cf0feba415364bf0cb37bc0760782a7439b598af453b6f4b6ebdacc2	PE32	2022-02-24 14:43:11	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/anti_dbg YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Advapi_Hash_API YRP/UPX YRP/suspicious_packer_section
137ff4539eb3ced0b1d3b81e9ecc49ecd15e46afebc6523e838c33144a7144fb	PE32	2022-02-24 14:37:05	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/BITS_CLSID YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/create_service YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/VC8_Random YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
9b2583cc3acccebb827e0c046e58ebb1b3c8f5136c010c511ceb3d8489832a66	PE32	2022-02-24 14:30:21	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/BASE64_table YRP/suspicious_packer_section
0e5184a376f6954251ecca05807841d175b5e1adca7ee6e7d2e5644b5dc8cd60	PE32	2022-02-24 14:18:02	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/network_dropper YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/UPX YRP/suspicious_packer_section
51535610166b020ad64904adfbe52bce011d560bf231a40e7ba8cd8179f3e2b3	MS-DOS	2022-02-24 14:10:24	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/mew_11_xx YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section YRP/IMPLANT_4_v3_AlternativeRule FlorianRoth/IMPLANT_4_v3_AlternativeRule
94eec10d943c918be25ddc7a69ada581ec602a56ac558648a4628c66835c6315	PE32	2022-02-24 13:52:46	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/BITS_CLSID YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/VC8_Random YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
301058f4c654b5bff0116ed6afb3c21b03d564d01bbe867677c246545c8d6ff1	PE32	2022-02-24 13:18:46	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/UPX YRP/suspicious_packer_section
e658d7bd1f6ae7c0760634411f531045adcbca286c65c061805c735a228503e5	PE32	2022-02-24 12:47:06	User Submission	YRP/ASProtect_v132 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers3
3acbcd385dcca5bef66a011ca1dc65f7945967fb244d7cb12f2ec363a48144b5	PE32	2022-02-24 12:26:02	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
88b009f26aa1b37398091538ce5d66d7c8e94294aedc91488e5157cde2ff75b5	PE32	2022-02-24 12:02:28	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
12b2609e2c690bc1ca8cd76f92159f025b89ba679b40005777a242aa62e59394	PE32	2022-02-24 11:25:41	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/migrate_apc YRP/spreading_share YRP/win_registry YRP/win_token YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
d31a3e206dccd5fa275bacc78e47f69244da8efb1447d83d91b6b4571d7bf379	PE32	2022-02-24 10:38:19	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/Netopsystems_FEAD_Optimizer_1 [+] YRP/UPX_290_LZMA YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/upx_3 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/network_http YRP/network_dropper YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
ae6806facacea93c1fcfcc72053a6adee069e116bd0c4d67e1573b46c01aa1b3	PE32	2022-02-24 10:31:04	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/Str_Win32_Wininet_Library
a994789dccdcc8090cd4f2cc1bdd9618a8f0e6d229f1d3a5def68497d7affc76	PE32	2022-02-24 10:15:41	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_http YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Prime_Constants_char YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
927a15f47f80c8c4b8624633f401b5633eca30a43c53cb91d7fa1891d2556640	PE32	2022-02-24 10:06:45	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/ppaction YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_http YRP/escalate_priv YRP/screenshot YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
6b8ab521edb2804d29f34532662f525c30a3eccd4cd64d644cf9ade30523c058	PE32	2022-02-24 09:32:20	User Submission	YRP/ASProtect_v132 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers3
814c927726603b7b0cd575c884a6d24adcb93d77ffeab4bff7d89f7e872c62a1	PE32	2022-02-24 07:23:17	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
ef71c9a99f534ac780ab5a6c75f34e459034c3ed5444c8ee478ebd5c25072607	PE32	2022-02-24 04:47:38	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_http YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
96abf28caec90d5fa56ee0ec63fd22fef4a6e401942be9f1cbdb0a886ceb9359	MS-DOS	2022-02-24 04:36:28	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/mew_11_xx YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Insta11Code YRP/Insta11 YRP/suspicious_packer_section YRP/CAP_HookExKeylogger YRP/IMPLANT_4_v3_AlternativeRule FlorianRoth/IMPLANT_4_v3_AlternativeRule
4bdb91496e62cfc9e2d68ba887cd8133701e3ee79cbdf449c006c963e99e6fbb	PE32	2022-02-24 04:15:03	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/Netopsystems_FEAD_Optimizer_1 [+] YRP/UPX_290_LZMA YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/upx_3 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/anti_dbg YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/spreading_file YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
ee79715e37ca31ecc189b92a3e46c3500065403f2167bdb7a561f03b495f960e	PE32+	2022-02-24 04:09:56	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Prime_Constants_char YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/suspicious_packer_section
54bb839eff1fdefb443887c4062b309b8fb9fda50e199539f97ff90051c9c305	PE32	2022-02-24 03:32:40	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Browsers YRP/Antivirus YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
40f3b5981ef43cef2bec6b7302f45faa7ac3e3ac7341d4ca99fe8cb07cba0043	PE32+	2022-02-24 03:17:04	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/Check_Debugger YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers2 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/RooterStrings YRP/Rooter
7e74549bbee9b5ee7e571d26ca01287a0ed0e9e6f9a409fc6f7606a0fb4c2738	PE32	2022-02-24 01:17:45	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/Netopsystems_FEAD_Optimizer_1 [+] YRP/UPX_290_LZMA YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/upx_3 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_dropper YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/Str_Win32_Wininet_Library YRP/UPX YRP/suspicious_packer_section
730006449cfafe50dc9620868b52d9387abcf934b355b4de425b99f64f7fddee	MS-DOS	2022-02-24 01:04:12	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/inject_thread YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/Bublik
26b9eb461857018804ec4acdbb8cf406fac92aac29d35db1eee2b3bfef20d9c0	PE32	2022-02-24 00:58:34	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/ImportTableIsBad YRP/HasRichSignature YRP/ppaction YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_http YRP/screenshot YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
05840660e317b505d21fc0ba53daca44afcd83820449cf9bcf687112ae2ead36	PE32	2022-02-24 00:21:29	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/WMI_strings YRP/anti_dbg YRP/disable_dep YRP/network_dropper YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library
fa2bee4e54b1337ba35f2339830845b0b470d7f9317cc7cf52427e2bd2f4e983	PE32	2022-02-24 00:12:20	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/BITS_CLSID YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/create_service YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/VC8_Random YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
31b6407b07cc864f37efa8f7c23f761c469035f9dec4ab0cb42c435e99c8b57a	PE32+	2022-02-24 00:07:34	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Prime_Constants_char YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/suspicious_packer_section
088434f54a54d951a7cec8ec1336acf040f2564ad1ca2c37b51e970ee22a2b94	PE32	2022-02-23 23:51:35	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_dropper YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/BASE64_table YRP/suspicious_packer_section
e0264014eb993853b951bcd34f1b021e4f0ddf95416d2ce8bdb19c24a5f4222e	MS-DOS	2022-02-23 23:36:40	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section YRP/IMPLANT_4_v3_AlternativeRule FlorianRoth/IMPLANT_4_v3_AlternativeRule
b51ae8eb818d2e89c149bc8cf47bc78f724b0a8b924b475b7ecf348479684a51	PE32	2022-02-23 23:20:08	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/Netopsystems_FEAD_Optimizer_1 [+] YRP/UPX_290_LZMA YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/upx_3 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/network_dropper YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/UPX YRP/suspicious_packer_section
35b0c08624e805916b3e4488d12ba5f97a8a729d4a146c690c1b37db95ddffc8	PE32	2022-02-23 22:55:14	User Submission	YRP/ASProtect_v132 YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers3 YRP/Advapi_Hash_API
61f4bdbc2c2ee7896eb9a7c6d021475ed31198458e64cd00b225f7c0e14637a9	PE32	2022-02-23 21:55:41	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasDebugData YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/DebuggerHiding__Active YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_Wine YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/migrate_apc YRP/win_mutex YRP/win_private_profile YRP/win_files_operation YRP/spyeye
f54cfb3cc390fd9d4a53a15e4587f862d4aa8fe25e3236f652df8757966ae97d	PE32	2022-02-23 21:29:49	User Submission	YRP/ASPack_v212_additional YRP/ASPack_v21_additional YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov YRP/ASPack_v212 [+] YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/ASPack_v211d YRP/ASProtect_V2X_DLL_Alexey_Solodovnikov_additional YRP/ASPack_212withouth_Poly_Solodovnikov_Alexey YRP/ASPack_v212_Alexey_Solodovnikov YRP/ASPackv212AlexeySolodovnikov YRP/ASProtectV2XDLLAlexeySolodovnikov YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/maldoc_OLE_file_magic_number YRP/Antivirus YRP/Dropper_Strings YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/escalate_priv YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/suspicious_packer_section
fe375cdce96074235ad69b97222d2b73fc3bdcdd6ca06acc861b4c19f7a7656f	PE32	2022-02-23 21:09:26	User Submission	YRP/SiliconRealmsInstallStub YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_indirect_function_call_3 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Prime_Constants_char YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API

Recent Searches
yrp/migrate_apc
yrp/locky_ransomware_2
yrp/privateexeprotectorv18setisoftteam
yrp/_exeshield_protector_36_wwwexeshieldcom
yrp/moleboxv20
yrp/simplepack_v11x_method1_bagie
yrp/rijndael_aes_long
yrp/pecompact_v147_v150
yrp/crack_loader
yrp/luxnet

Search

Recent Searches