MalShare

A free Malware repository providing researchers access to samples, malicious feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
0395696b2affd1eabaf19e8bc0579979	ASCII	2021-07-26 03:28:09 UTC	http://galeriamaikasanchez.com/TTT54ERRE/DHL/
904769f887b4d63ba5d696ec01eb9431	ASCII	2021-07-26 03:24:43 UTC	https://mandrillapp.com/track/click/30946235/redirect.goooglesafelink.com?p=
12852bd894ca5f801e282ab63134c957	PE32+	2021-07-26 03:18:03 UTC	Zemana Submission	YRP/IsPE64 YRP/IsConsole YRP/HasDebugData [+] YRP/IsBeyondImageSize YRP/ImportTableIsBad YRP/domain YRP/url YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
47e6fd8aa9a9ebc8ca6be00d3b1e22ed	PE32	2021-07-26 03:18:01 UTC	Zemana Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
d4dec5f704f4735f8bbf15ee04b028db	PE32	2021-07-26 03:17:49 UTC	Zemana Submission
920047d86ad76fdb884e5382c394c707	PE32	2021-07-26 03:17:18 UTC	Zemana Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 [+] YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg FlorianRoth/DragonFly_APT_Sep17_3
d2cc7f618d174a5c677810ce4a04ca28	PE32	2021-07-26 03:17:09 UTC	Zemana Submission
4c70cb398d16349c06010c0669fba149	PE32+	2021-07-26 03:16:46 UTC	Zemana Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerHiding__Active YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/BASE64_table
9e09818f5844a8cec16512a6d61154d8	PE32	2021-07-26 03:16:40 UTC	Zemana Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerHiding__Active YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/BASE64_table
ce07a2d412cc477411cf0462165cd3a3	PE32+	2021-07-26 03:16:35 UTC	Zemana Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/Str_Win32_Http_API