MalShare

A free Malware repository providing researchers access to samples, malicous feeds, and Yara results.

Recently added Samples

MD5 Hash	File type	Added	Source	Yara Hits
ce148f1ca16e279aae128527b66f3738	PE32	2019-09-20 15:39:21 UTC	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg FlorianRoth/DragonFly_APT_Sep17_3
cb5c3915bc80bffc010d87a4fee30586	PE32	2019-09-20 15:39:19 UTC	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg FlorianRoth/DragonFly_APT_Sep17_3
c4c794402f12852dfe3b484263516fa8	PE32	2019-09-20 15:24:04 UTC	http://59.188.255.217:6321/SQLAGENTIDW.exe	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h [+] YRP/Netopsystems_FEAD_Optimizer_1 YRP/UPX_290_LZMA YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser YRP/UPX_290_LZMA_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser YRP/upx_3 YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/WMI_strings YRP/screenshot YRP/win_registry YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
9a0df3902846fdf8be44763ded7a2fcf	MS-DOS	2019-09-20 15:23:59 UTC	http://59.188.255.217:6321/SQLIOMDSD.exe	YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/mpress_2_xx_x86 [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/IsBeyondImageSize YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/win_registry YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
3439213af5ed11aaebf0c5048cfcdc56	MS-DOS	2019-09-20 15:23:56 UTC	http://59.188.255.217:6321/SQLSernsf.exe	YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/mpress_2_xx_x86 [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/suspicious_packer_section
01e60c4b3198486eaf2f2d23f0dc91f9	PE32	2019-09-20 15:19:48 UTC	User Submission	FlorianRoth/WiltedTulip_ReflectiveLoader FlorianRoth/ReflectiveLoader
57b0f1d07f2702cd7bf22d7ca100b031	PE32	2019-09-20 15:19:33 UTC	User Submission	FlorianRoth/WiltedTulip_ReflectiveLoader FlorianRoth/ReflectiveLoader
4892927f11bd7e776452826c6298e488	PE32+	2019-09-20 15:19:19 UTC	User Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/FASM YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
868f60c4a60580ceb22d59c6415d19a3	PE32+	2019-09-20 15:09:19 UTC	User Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/FASM YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
3120f42ec70fc33b00be83d6d5253ceb	Composite	2019-09-20 15:07:39 UTC	User Submission	CuckooSandbox/shellcode YRP/domain YRP/maldoc_OLE_file_magic_number [+] YRP/suspicious_packer_section

Total Samples: 3223748