MalShare
SHA256 Hash
File type
Added
Source
Yara Hits
7e421f698b54005ed0fa9e6d302e015cc07f331af157b187699fb1356ca05eb9
PE32
2022-02-24 09:29:55
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/borland_delphi
YRP/domain
YRP/contentis_base64
YRP/System_Tools
YRP/Dropper_Strings
YRP/Misc_Suspicious_Strings
YRP/DebuggerException__ConsoleCtrl
YRP/DebuggerException__SetConsoleCtrl
YRP/anti_dbg
YRP/screenshot
YRP/keylogger
YRP/win_registry
YRP/win_files_operation
YRP/Delphi_CompareCall
YRP/Delphi_Copy
14e5e5cbed018f47a15319211bea5ffbdf905e2f254644ca5ddd417bd40a9f35
PE32
2022-02-23 15:34:26
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/Dropper_Strings
YRP/anti_dbg
YRP/network_irc
YRP/network_dropper
YRP/network_tcp_socket
YRP/network_dns
YRP/escalate_priv
YRP/keylogger
YRP/spreading_share
YRP/win_mutex
YRP/win_registry
YRP/win_token
YRP/win_private_profile
YRP/win_files_operation
YRP/Delphi_Random
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Str_Win32_Winsock2_Library
YRP/Str_Win32_Wininet_Library
YRP/UPX
YRP/suspicious_packer_section
1b06a70925b95e265e298ff172b8927269e9f9af334732d64580f072a24309d0
PE32
2022-02-23 08:37:59
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/HasDigitalSignature
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/System_Tools
YRP/Dropper_Strings
YRP/Misc_Suspicious_Strings
YRP/anti_dbg
YRP/network_tcp_listen
YRP/network_http
YRP/network_tcp_socket
YRP/screenshot
YRP/keylogger
YRP/win_registry
YRP/win_token
YRP/win_files_operation
YRP/Big_Numbers1
YRP/MD5_Constants
YRP/BASE64_table
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Str_Win32_Winsock2_Library
YRP/Str_Win32_Wininet_Library
YRP/Str_Win32_Internet_API
YRP/Str_Win32_Http_API
YRP/with_sqlite
891ae88bc3ba7dbce39f859cba6f354ac6254a7e4e5c43f61a67838b09310298
PE32
2022-02-22 23:50:43
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/HasDigitalSignature
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/Dropper_Strings
YRP/WMI_strings
YRP/network_udp_sock
YRP/network_tcp_listen
YRP/network_tcp_socket
YRP/network_dns
YRP/network_ssl
YRP/screenshot
YRP/keylogger
YRP/win_mutex
YRP/win_registry
YRP/win_private_profile
YRP/win_files_operation
YRP/win_hook
YRP/Big_Numbers0
YRP/Big_Numbers1
YRP/Big_Numbers2
YRP/CRC32_poly_Constant
YRP/CRC32_table
YRP/CRC16_table
YRP/BASE64_table
YRP/Delphi_Random
YRP/Delphi_FormShow
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Delphi_StrToInt
YRP/Delphi_DecodeDate
YRP/Str_Win32_Winsock2_Library
YRP/CookieTools
308cb76de210becb6e960d1a86a9580a8a8e324a9a4f5b5836ba8dc54cabebb3
PE32
2022-02-22 23:39:02
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/borland_delphi
YRP/maldoc_find_kernel32_base_method_1
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/Dropper_Strings
YRP/Misc_Suspicious_Strings
YRP/DebuggerException__SetConsoleCtrl
YRP/anti_dbg
YRP/network_irc
YRP/network_dropper
YRP/network_tcp_socket
YRP/network_dns
YRP/escalate_priv
YRP/keylogger
YRP/spreading_share
YRP/win_mutex
YRP/win_registry
YRP/win_token
YRP/win_private_profile
YRP/win_files_operation
YRP/Big_Numbers0
YRP/CRC32_poly_Constant
YRP/CRC32_table
YRP/Delphi_Random
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Str_Win32_Winsock2_Library
YRP/Str_Win32_Wininet_Library
YRP/UPX
YRP/suspicious_packer_section
491f71189512d04a25039c86cf5b0975796d3b0a632ba3e16ea59be6459170ce
PE32
2022-02-22 23:17:18
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/HasDigitalSignature
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/System_Tools
YRP/Dropper_Strings
YRP/Misc_Suspicious_Strings
YRP/anti_dbg
YRP/screenshot
YRP/keylogger
YRP/win_registry
YRP/win_files_operation
YRP/Big_Numbers1
YRP/Delphi_CompareCall
YRP/Delphi_Copy
8d15cd4cd9785a6afdefb124b88b77718a6f516bd0a65a1a168214258d0ee4d7
PE32
2022-02-18 02:30:33
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/IsPacked
YRP/HasOverlay
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/contentis_base64
YRP/keylogger
YRP/win_registry
YRP/win_files_operation
YRP/Delphi_Random
YRP/Delphi_CompareCall
YRP/Delphi_Copy
518e36f0d0f44b4362e65f67ab2c820a924f3130f75baa983444ed77b58cadd8
PE32
2022-02-17 19:21:03
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/Misc_Suspicious_Strings
YRP/network_udp_sock
YRP/network_tcp_listen
YRP/network_tcp_socket
YRP/network_dns
YRP/screenshot
YRP/keylogger
YRP/win_registry
YRP/win_private_profile
YRP/win_files_operation
YRP/win_hook
YRP/BASE64_table
YRP/Delphi_FormShow
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Str_Win32_Winsock2_Library
YRP/RSharedStrings
82678aab5a7836025c99172bbb2e5c7d886bb9ca264a7c4b1c5928c2be81d8b5
PE32
2022-02-17 09:47:29
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Borland_Delphi_50_KOLMCK
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland_Delphi_v50_KOLMCK
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/IsPacked
YRP/HasOverlay
YRP/HasRichSignature
YRP/domain
YRP/contentis_base64
YRP/win_files_operation
58357d6564f6c762703e62cc78a0997ed189b9b8fb63dfc5f07eb3c554fe5758
PE32
2022-02-16 18:33:25
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/borland_delphi
YRP/domain
YRP/contentis_base64
YRP/keylogger
YRP/win_registry
YRP/win_files_operation
YRP/Delphi_Random
YRP/Delphi_CompareCall
YRP/Delphi_Copy
FlorianRoth/DragonFly_APT_Sep17_3
caa6ae2f36ac1a4b1328169ea55f66b3da29cc1c0e82b7763da4a62df2c246f9
PE32
2020-06-30 14:45:52
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/Dropper_Strings
YRP/network_tcp_socket
YRP/screenshot
YRP/keylogger
YRP/spreading_share
YRP/win_mutex
YRP/win_registry
YRP/win_private_profile
YRP/win_files_operation
YRP/Delphi_Random
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Str_Win32_Winsock2_Library
YRP/Str_Win32_Wininet_Library
YRP/UPX
YRP/suspicious_packer_section
a6f46007f8f57166fd627941fa801422669a648a802c1155942a20f02b212e59
PE32
2019-12-02 20:12:00
User Submission
YRP/WARNING_TROJAN_HuiGeZi_additional
YRP/Microsoft_Visual_Cpp_v50v60_MFC
YRP/WARNING_TROJAN_HuiGeZi
YRP/Borland
YRP/WARNINGTROJANHuiGeZi
YRP/IsPE32
YRP/IsWindowsGUI
YRP/HasOverlay
YRP/borland_delphi
YRP/domain
YRP/IP
YRP/url
YRP/contentis_base64
YRP/Dropper_Strings
YRP/network_tcp_socket
YRP/screenshot
YRP/keylogger
YRP/spreading_share
YRP/win_mutex
YRP/win_registry
YRP/win_private_profile
YRP/win_files_operation
YRP/Delphi_Random
YRP/Delphi_CompareCall
YRP/Delphi_Copy
YRP/Str_Win32_Winsock2_Library
YRP/Str_Win32_Wininet_Library
YRP/UPX
YRP/suspicious_packer_section