MalShare

A free Malware repository providing researchers access to samples, malicous feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
eb0778c9d914eebe8c09558dc9be3fdd	PE32	2019-11-12 07:59:31 UTC	http://www.upgradefile.com/Download/DreamApp/3247/DrtCorp.exe	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/UPXv20MarkusLaszloReiser [+] YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_dropper YRP/screenshot YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/BLOWFISH_Constants
8d0f3326072c5d4da02ebb1a5a221c40	PE32+	2019-11-12 06:54:44 UTC	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/win_token YRP/win_files_operation YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library
b9279c29ee6c1c5e179409c21c55f8e8	PE32+	2019-11-12 06:54:40 UTC	http://211.220.181.146:443/o/cpu64.exe	YRP/Armadillo_v4x YRP/IsPE64 YRP/IsConsole [+] YRP/IsPacked YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/UPX YRP/suspicious_packer_section
8ff2bae37ccf2aa2d8d9aa1047996c98	PE32	2019-11-12 06:54:38 UTC	User Submission	YRP/IsPE32 YRP/IsConsole YRP/IsBeyondImageSize [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library
5e608cc8c019e782921a619112081ff0	PE32	2019-11-12 06:54:32 UTC	http://211.220.181.146:443/o/cpu32.exe	YRP/UPX_v0896_v102_v105_v122_Delphi_stub_additional YRP/UPX_v0896_v102_v105_v122_Delphi_stub_Laszlo_Markus YRP/UPX_wwwupxsourceforgenet_additional [+] YRP/MSLRH_V031_emadicius YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v122_Delphi_stub YRP/UPX_wwwupxsourceforgenet YRP/UPXProtectorv10x2 YRP/IsPE32 YRP/IsConsole YRP/IsPacked YRP/IsBeyondImageSize YRP/domain YRP/contentis_base64 YRP/UPX YRP/suspicious_packer_section
4a806682777e44850516400143a74e14	PE32+	2019-11-12 06:54:28 UTC	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/bitcoin YRP/escalate_priv YRP/keylogger YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library
0de7bf88e0f8b0316b424b71d6a35bf4	PE32+	2019-11-12 06:54:23 UTC	http://211.220.181.146:443/o/amd64.exe	YRP/IsPE64 YRP/IsConsole YRP/IsPacked [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/UPX YRP/suspicious_packer_section
cf45141ffafd47a0dbad0559849013da	PE32+	2019-11-12 06:54:20 UTC	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/bitcoin YRP/escalate_priv YRP/keylogger YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Winsock2_Library
ad7a96d8e32ffebd618a9176b6d47e44	PE32+	2019-11-12 06:54:16 UTC	http://211.220.181.146:443/o/amd32.exe	YRP/IsPE64 YRP/IsConsole YRP/IsPacked [+] YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/UPX YRP/suspicious_packer_section
ef2d09f1dd405027248300d413432b22	PE32	2019-11-12 06:40:32 UTC	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/contentis_base64 YRP/android_meterpreter

Total Samples: 3423996