MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
0c2ade2993927f6de828e30c07156c19751b55650a05c965631ca0ea1c983498	PE32	2022-03-20 16:22:10	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/with_sqlite
a934394936e2250fcdf2140235f1948fa86f49264a6d345289061b334c7037d9	PE32	2022-03-20 13:38:11	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/win_mutex YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
ab004f41d632573a2a4ad96c403f7668988fbc332ec4275fb287296a51c86ccd	PE32	2022-03-20 03:10:56	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerException__ConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_socket YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API YRP/with_sqlite
0a21373e1d8d824578e7ad38fd97aafaa12622dfcf4bf641868b749507e59f8b	PE32	2022-03-20 03:06:52	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/RijnDael_AES YRP/with_sqlite
eb11729804c030f17ae3daf219cb9526fd22d02e6d4b59b88cdd8cb748b5635b	PE32	2022-03-19 18:02:46	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
3cc17e8a578397b8dad4299539f31925ea3777455d112dafbaf7df283c7cb11e	PE32	2022-03-19 07:08:34	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_socket YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
3e9f8a23ab29dc16006d57204e1bf006257de4378cf4e10943bea540cdf2b468	PE32	2022-03-19 03:04:33	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
b87a9363db44da3f9677ad32fd2e644b1ea1d0149c3bf8b74af3cb39d77e7e78	PE32	2022-03-18 17:02:49	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
879ad3f6226119bc5be197ac03b14c62c87060ebfb9efea4c8571d15772ef705	PE32	2022-03-18 10:06:13	User Submission	YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/SHA512_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
5ace36ce31db7a6c248891433b823d36420207e67e9bdc8f61caf2bad01fc34e	PE32	2022-03-18 10:05:26	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
2779a981bae47dccca241d3af3e2b794722dbad3aa7e04a81198e8e9267b0882	PE32	2022-03-18 07:03:34	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_socket YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
03b887397102e717de5ef8a0d4d0374bdf5347a85dddc8c829714770142b8fdf	PE32+	2022-03-17 07:04:06	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/DES_sbox YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/with_sqlite
3c7b3bb087160a8be92964dcd87f77c1c8b77f4f3cec9896e8bcf56411085fef	PE32+	2022-03-17 03:03:18	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/RijnDael_AES YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
8d2bf6ba0d7c59a89a8b76dffb85f90be1abf92fb232160f8146ac0d6da71c1d	PE32+	2022-03-17 03:02:24	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
b01b44fde46c2bb65505a01b69e292fbbc885be2b440f6a2ee107a70fde41a7d	PE32	2022-03-16 15:03:24	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_find_kernel32_base_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
0513c8df4022895305d4cdbbf53103888aa55c590229de9ba0117b542d3b67c6	PE32+	2022-03-16 03:50:13	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 [+] YRP/IsConsole YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
98d70a3891873c94a2c79b9694d4f7646b5faa8421ad305f3217305a912caefa	PE32+	2022-03-16 03:04:04	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/SHA512_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Http_API YRP/with_sqlite
f8563e38ede16c69754c82d68138abe36a015180a94ea88b588ba32a0f870edd	PE32	2022-03-15 16:00:34	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
bb22665f38590ec0270614069a88396882429e12a3cae64cdcad949103bb9b79	PE32	2022-03-15 15:03:16	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
aa271bd88d2456f5abc763eddcba8b7d3cd396ece15b1f870faa85080f56cac7	PE32+	2022-03-15 03:13:13	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_files_operation YRP/Big_Numbers1 YRP/with_sqlite
81bdbca1f8b2df777b3c347b7e6c07858a49370b4a6e2f659454571c3a85cc97	PE32	2022-03-15 03:04:07	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
bf508f1f751f03db787231a869c9a551ab64005622f829ef67419ef4fdce15a3	PE32	2022-03-14 18:00:42	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
0a4371c690ec9b63bbe8a0b79393a51a46108ff5dcd0ddee7d5a6b6ea40c3f04	PE32	2022-03-14 13:12:23	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/antisb_threatExpert YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/with_sqlite
cc3e5142cc3b3796125ac7520bb007fcaa0f1cd16d24ea8ff248cdc2231da748	PE32	2022-03-14 13:09:45	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
cbd5ba84136ff83739824fe2a388e9c423be6ed481f27ffb0e7a54e61bb289fe	PE32	2022-03-14 13:01:48	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
d157959d0ce59bf6bdceb0f90a2dba44f3d30c92fdaac93a1375f278de6e8d96	PE32	2022-03-14 06:21:05	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
d1308d261411ac86dd25ddf47e148bc12458f3097947954afbd8ece450546e56	PE32	2022-03-14 06:17:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
d0d48466650f533777e9a2834da5fb89c03a16a10eab9baa654f8c9ec2495f4a	PE32	2022-03-14 06:09:59	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
d089b1eb2a93fd597ad65c61d3bed35e0563794c26289f9935011e5e74731146	PE32	2022-03-14 06:05:17	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
159d88ddd564a79129ae91354087369b36d27cad9bde5cc66ac50becae5e7786	PE32	2022-03-14 06:03:04	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_http YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/SHA512_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
36fcc164264719077c074a60132a51627f4f2fdd5ff775a549685349945c0bf9	PE32	2022-03-14 05:06:02	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Http_API YRP/with_sqlite
e42b663bdca244cf614b44efea03fb42ec450fbf9a835e06649be95e23bbb157	PE32+	2022-03-14 05:05:00	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/win_mutex YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/with_sqlite
deb1246347ce88e8cdd63a233a64bc2090b839f2d933a3097a2fd8fd913c4112	PE32	2022-03-14 05:02:47	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Str_Win32_Wininet_Library YRP/with_sqlite
0e56e1d0e1ff6659de6c9521c01688360477b94fafc203bcba2cdce60b32c97b	PE32+	2022-03-14 05:02:44	User Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Str_Win32_Wininet_Library YRP/with_sqlite
d3c412f28e1690f6a9994a383538e80bc42f4833d1311bbfc01cbd32a96c5743	PE32	2022-03-14 05:01:43	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
ea9220f0d9f0ef79ba5e9289bc84ac4f4c538b2f1a59fa1b12308bb94c4dc651	PE32	2022-03-13 13:00:32	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
ef123b275c6c1ae3da6baf24bc82448d9d1751916d9a5a60fd9ef2d2aca6a03b	PE32	2022-03-13 12:04:00	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
ef08526902fa73204f426e911d40109f9f764cc1cb76bddc818794e26588a618	PE32	2022-03-13 12:03:27	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
455982df5deb2ccdd7528092557983582223371742e1620cb25717abe28cf3e5	PE32	2022-03-13 03:28:20	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
d83056eb7747f43ccce5170109b9b7d1b0fc377f1c2b8c30c5f0aa3fb7d5d5c9	PE32	2022-03-12 22:48:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
67bdfbca635730edfe3af3d0ccfcba22e93bf0b87edc0f587ecfb325c8e89dd3	PE32	2022-03-12 21:42:08	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
80753704f9d294f32babf89d471b433e934102aee84dbf359632aa10e9eec413	PE32	2022-03-12 20:03:34	User Submission	YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 [+] YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
8cfe64df3207a00e7b0391008bdb1168fce52bfbc526bfeed3643f7fed5fdebc	PE32	2022-03-12 12:02:09	User Submission	YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
8c26a138a881f2e30921286ff7400d836354939df972f859e01195beca9c37e8	PE32	2022-03-12 12:01:50	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
8ef5e40a849f46191d26e9d06cdb7caf01153800c54835f21efecf3e1f5431dd	PE32	2022-03-12 11:00:58	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
8ecdc850c1a5fdcd9a8f09ab0d9fc1a94a9baa34c18759114c1ddd92b0195348	PE32	2022-03-12 10:03:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
92c029fcd02224fc8eb2db3d0f985e15a69b3008fc6ee5fdf856caf85056edb0	PE32	2022-03-12 10:00:40	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
964f6d743f4f586a2327a6acb0c853dc80a57ba24d2307e94944031f0f116a01	PE32	2022-03-12 09:06:39	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9cd8de4810e255248cfd54cd192aeb344d9ca721f0e6738e310618e4ea7b45dc	PE32	2022-03-12 06:07:02	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9c4c931a4be0e98184f29a622c48bc5f609bbd5de5bec59f2ef50f5ec2947a6d	PE32	2022-03-12 06:04:55	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9ca155bf331e24433c00be0b8f5d4ac8bb7196336a8d101ac8a23a88ef1bd04d	PE32	2022-03-12 06:03:24	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
a04e11ea7a755de0f010ce32f114d162763d6be1c2468b0dcd1d7e656cbe3c45	PE32	2022-03-12 05:06:56	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_Studio_NET_additional YRP/NET_executable_ YRP/NET_executable [+] YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9fdee253615a43dd21e0b3865650112f728bd9bc54aa47304ade2cfd84ca4773	PE32	2022-03-12 05:03:40	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Wininet_Library YRP/with_sqlite
9a7d7df78b79a9d8156b9870339cdb72a4ca409e9c37291204fee601bf435f99	PE32	2022-03-12 04:04:59	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Http_API YRP/with_sqlite
a3e86c092e6b40385537b56b5b7f5eeeb80156b1be3530bf400f2c249d3ecbcb	PE32	2022-03-12 04:01:31	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
c0bda2c80b743b0080f438a90492c19e8a7960df3c0c68f6a423cf4368923acf	PE32+	2022-03-12 03:47:00	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE64 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/SHA512_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
c55d6528f9a029f9b78991eaf79b37a49abecd8cfc72dfb2c8ca0893c70444e6	PE32	2022-03-12 03:40:21	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
4c9a341db3fefc5a31f4612f0c7ffb76748020214ad380c1a50be15feecb0d84	PE32+	2022-03-12 03:02:49	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/RijnDael_AES YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
b02c5d80464a5f6ce8075309e8dcc16582f68be8c5b594c3a2c97ee5fcfdc8ca	PE32	2022-03-12 00:03:43	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
affd66995d965965ccca7329621cecc01db591a8d9c4e6b8f03e0e2920c32f2e	PE32	2022-03-12 00:01:46	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
65eb36b8c707c8fa140423ae450bbb00b3ad9a2fbe7b5d6651ee776d9fd68f54	PE32+	2022-03-11 03:21:30	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 [+] YRP/IsConsole YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
7d8aa0f7203eab7d96ceea26bc5152ed21cc0a0b5da682e171d6d97cc090967f	PE32+	2022-03-11 03:09:46	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32c_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/with_sqlite
688586f16916bfe7d5b86c186e07c3afbba19b4abac116bf2b8017de2201579a	PE32	2022-03-11 01:10:35	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
67f753bdbbcb16337f23e4b0218aa0edbef26b2ebb039d7190f1f19051ac1a42	PE32	2022-03-11 01:01:29	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/with_sqlite
4d7e28754d5142f3361d1543bc2f1ddbee2d46d71dc480dffef87bebae6a48ae	PE32	2022-03-10 22:04:30	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
575660f0016e21d6611057a6f86bbc5ab34f866e329fdfe32dd3295231b5e39a	PE32	2022-03-10 18:00:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
d7bad9d7888f9e5fe48953aa500efee2df2936ec411f08f36523b25d50990b42	PE32	2022-03-10 17:00:35	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
612f858702d084e3e4ac907192318967ca9b08e184785d15dd91c0f613172ae8	PE32	2022-03-10 15:06:37	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
b19af25956b82ec13059ad3241850c030a8fde603983624cb48316ffdd7003f2	PE32	2022-03-10 11:06:23	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
3cb457430bf358994f11af7bafd160c231a8292419bdba9fd319250fe3036905	PE32	2022-03-10 06:00:39	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Http_API YRP/with_sqlite
68911b53f55ca2c7ec67c93f9b9a50e17796743910f19c4e4c6fd1eb18d0be04	PE32	2022-03-10 05:02:10	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/network_ftp YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/with_sqlite
6be42b803f6df9a6520608ac4b4c91437ccf640c42c37650e83f864ceb48950b	PE32	2022-03-10 04:01:12	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
4965867078b97dc863482ab2e1d125ee4507e2a43bbfadfcbde456655ac73865	PE32	2022-03-10 03:34:02	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
2f28a5cc4c9b63f6c5db28f6d0ad0fd5b8bd0d3ad6a11e2c0854b185856b3953	PE32+	2022-03-10 03:02:14	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/RijnDael_AES YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
dee7322f6c8bc9b36f577a6c1c54e18848bc9e84afa978ebde4cd0beba9fef7e	PE32	2022-03-09 16:06:44	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
cbd5dae0d27f7dedb6c78128d4465a66cab90ea600d90898cdad60103c681206	PE32+	2022-03-09 03:30:21	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
bc793c49510f507da1e28c886af7ee596e5eb341a242125f56d46bc7925f88f2	PE32	2022-03-09 03:07:04	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
b73db85f5ea3d2a0bd63d13497c18da8f4d7fdfda028694f73e946c5c2727032	PE32	2022-03-09 03:02:48	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
49ef2bc0069c486d1c4df2a23e5a4bc967de49b361178cd17791d6fc8160b24a	PE32	2022-03-08 20:00:36	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
58128c6913cad7d9fb2823171c7973a24286fd293d0049cdd641eaf3397a5477	PE32	2022-03-08 19:01:36	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/ProtectSharewareV11eCompservCMS YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/SEH__vba YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
57b092a49d8e408c1dc6b5d15256291a0825fdc326d7559220b6631610580f46	PE32	2022-03-08 19:00:33	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/VirtualBox_Detection YRP/Dropper_Strings YRP/network_smtp_dotNet YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/vmdetect_misc YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
7dd3761e731e56d5f44e7aca186118b602b0f417a7660ab7d1a1f15c4da761ae	PE32	2022-03-08 16:03:50	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
7dac1b39a0f22b51f57bd99bdbc5879a724a85c6eaa37d0eb0be6f419357bed1	PE32	2022-03-08 16:02:53	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/DES_sbox YRP/with_sqlite
a67febdff37301c3c7f64e660d77f3943bf4d966813d93d1e29838c21866609b	MS-DOS	2022-03-08 12:02:38	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
6704447b20b1381fee4c57ab154e3ea3e5a891c34184a54a8a94a43ad59ca54c	PE32+	2022-03-08 03:34:35	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/RijnDael_AES YRP/with_sqlite
dbea0ea3572ebf2227a8edd58978d345917cf3f1834544d8b2b68ad1317b949f	PE32+	2022-03-08 03:12:53	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 [+] YRP/IsConsole YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
6568d01d73ef5fda475191283e9bab108a8acfe74051eb6a1e58b724375dc092	PE32+	2022-03-08 03:04:00	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE64 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/SHA512_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
2a45c88bf116d925df7f01a9e66b787f127e0cec2025c9b7ffb847c28a468f9c	PE32	2022-03-08 03:01:22	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
2b17c337ad2d287c611eab817028aad228501deda1ff49599eccd5e0b6a2e07b	PE32	2022-03-07 10:16:22	User Submission	YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/SHA512_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
3e3dcb446aec4c4ddf814a16d08460269e4603ec07196fd0cd15196e8c1808bc	PE32	2022-03-07 10:05:07	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
6f096ccd8419fe6b9e027d9b365efbf4d767c709fca7bd297f8e3f7aad77231c	PE32+	2022-03-06 03:59:33	User Submission	YRP/possible_includes_base64_packed_functions YRP/FSG_v110_Eng_dulekxt_Microsoft_Visual_C_Basic_NET YRP/IsPE64 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
3ffb13019a60f597584feade7356c294ad40b132f5b9faf180c1756b24c4e1a0	PE32	2022-03-06 03:51:03	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
43e5ba1a7b04577069674119ce7cd40de3a7c8eca59ee69079420ed98c4878e1	PE32+	2022-03-06 03:08:47	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/WMI_strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
8524a52f8b2b51417e1c741cae100fe1ea95a259948f35ee800ff5a0b21e7157	PE32	2022-03-06 03:08:16	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dga YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
b51ad65b640c3df24348785d90a3ab9b49d2830a2586b8fb5cda9f160d142d10	PE32	2022-03-06 03:03:16	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
acef718e5448e8f6f41f0a9e629b1ef41a1f49e30721cfbf906705aed0cd470d	PE32	2022-03-06 03:01:03	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
74aeaf1160114dada3c74d066fd1d0a294aca6f4cc7070462d7a96fa7c16014b	PE32	2022-03-05 19:02:21	User Submission	CuckooSandbox/embedded_macho YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite
79228eafa939c85aa515a1c066afa098c4f81b1509cbb2f3489b54c0a3671012	PE32+	2022-03-05 03:34:11	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/WHIRLPOOL_Constants YRP/DES_Long YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/with_sqlite
552cb45365d5269c2d6aac24ab7eaea25a1b8aa476b9fa3e889ca044c4f97db9	PE32	2022-03-05 03:10:01	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/with_sqlite YRP/GenerateTLSClientHelloPacket_Test
a87d10a3995ea6db62f65541511ec819a2574bea0effe46ce28646bf262a3d57	PE32	2022-03-05 03:09:41	User Submission	YRP/possible_includes_base64_packed_functions YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_antivirus YRP/network_http YRP/escalate_priv YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/VC8_Random YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/with_sqlite

Recent Searches
yrp/webshell_jsp_k81
yrp/with_sqlite
yrp/miragestrings
yrp/pe_crypt_15_bitshape_software
yrp/obsidium_vxxxx
yrp/w3d_php_php
yrp/pezipv10bybagie
yrp/activemark5xtrymediasystemsinc
yrp/bobsoft_mini_delphi_bob_bobsoft_additional
yrp/network_p2p_win

Search

Recent Searches