MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
c27c16af4d315e2022f2bda8d6f7ed9802ca944c3005d70a08f7ca9763b31b20	PE32	2022-03-20 23:16:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/inject_thread YRP/network_tcp_listen YRP/network_smtp_raw YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/migrate_apc YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section YRP/GenerateTLSClientHelloPacket_Test
b33670c066227214d2623c58d1afc62326122006a0fbe95a1cd20c5b88d9718c	XML	2022-03-20 23:13:41	User Submission	YRP/domain YRP/IP YRP/url YRP/contentis_base64
52361defc2bd335cd39658c29d5ee88c245ef5709c85dd7bfb1944a12fe9d027	XML	2022-03-20 23:13:41	User Submission	YRP/domain YRP/IP YRP/url YRP/contentis_base64
e14e3ba37274e5efe932d789e8e24e20c7c21ad852978df80bb9392f5acf238e	PE32	2022-03-20 23:00:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation
11fde3357b278e91628133d2e481b0e3a11e228a9e1151c4a175fa922ec5ee65	PE32	2022-03-20 23:00:43	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers1
59ea7066c5ea6dc18d7139bb8773375246fdaa93001567a4cf3abf356e9d7b34	PE32	2022-03-20 23:00:37	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4
6ae733301e4618783ec9587f01dfbd400bbe821be3c2333c4e65935eb300ce70	PE32	2022-03-20 23:00:30	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64
be4ebe13d798c7207401ebca2b8657ede3c4ef9d0250992d32b854e023e1eb9c	PE32	2022-03-20 23:00:24	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/Big_Numbers4
d05da0ea64354f6f822816807184f7a9e6e3654c7e8197331014722513c68cc5	PE32	2022-03-20 23:00:18	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
7d26b8334b4dbd2abb9b4240a8638d20bafaf93d9eaff13a494bae2a45971211	PE32	2022-03-20 22:32:59	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v60_v70 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate
7c321e4c1f7dee37aab2fd65d50987b9502a3700348ef2ab08d79a952ff27ab7	PE32	2022-03-20 22:00:49	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/disable_dep YRP/keylogger YRP/Njrat
95a905f4fc729cb67d8eacdba48b8846e9fff85c507556f7aa42dea59ee77cf0	ELF	2022-03-20 22:00:43	User Submission	YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers4
0a3effa679ecb43ef7fdd08211ad33f80450b710106677fbdc5c733d3a0649fa	ELF	2022-03-20 22:00:38	User Submission	YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers4
362ca2559d7ef895a8566f15418bd2ba91894d6ae55a4d30e5d4e98fd03d45fc	ELF	2022-03-20 22:00:33	User Submission	YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Big_Numbers4
964af67c8343564ffc89b0537054e38de3c55853aaaa6ba0fcd3ede1e6d611b4	ELF	2022-03-20 22:00:28	User Submission	YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers4
d2d10d3f799c8594f22939899d64751888844f1e9ae4e0ac08dccbe15f4e33bf	ELF	2022-03-20 22:00:22	User Submission	YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers4
bde9d61a4f967334f4cbf10d22d5c5e497844e224517b3f03ec7bdd094a60504	ELF	2022-03-20 22:00:17	User Submission	YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers4
87216f15330710de0c1a0fefbef489b43621612dd55b59eae49cf8fa9a95efd7	PE32	2022-03-20 21:32:03	User Submission	YRP/IsPE32 YRP/IsConsole YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/bitcoin YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
2b99b6baf3dca3e645c68bdf5b307f2788c631a438336d093998a7acc599c5f9	PE32	2022-03-20 21:22:32	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
964f58f47e3a9e3d378e0c715625e02d7522d32008951e8f7a516b6a7a60a042	PE32	2022-03-20 21:00:29	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/win_hook
03dbd7e7306a8bf50b6423d1df0bf259177f32380e48a147ec0e842487c0bfb6	PE32	2022-03-20 21:00:15	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/ThreadControl__Context YRP/inject_thread YRP/network_http YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API FlorianRoth/DragonFly_APT_Sep17_3
43044908753dee50f5d7f51926d2e2103673e369ffd2128ec3b63bc9a1a7477b	PE32	2022-03-20 20:14:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
2debef67c4e8e9a28af920688b23e858876be623573f2cf23edcd50856388622	PE32+	2022-03-20 20:00:46	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library
43b62d57fbc04026e7d63239b5d3197e10b815410f84e178052091f4ce7d0ab0	PE32+	2022-03-20 20:00:39	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library
98afd680cc4af78efa802f72ac38570c79093431f5df309aadd982cfffba6567	PE32	2022-03-20 19:42:11	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
facd3ee7d90d6e48d48aebc76752a5ada6b9fa1df7c954661f53e83a14bb744d	PE32	2022-03-20 19:00:40	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
435be1c6e904836ad65f97f3eac4cbe19ee7ba0da48178fc7f00206270469165	PE32	2022-03-20 19:00:33	User Submission	YRP/Armadillo_v171 YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional YRP/Microsoft_Visual_Cpp_50 [+] YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Armadillo_v171_additional YRP/Microsoft_Visual_Cpp YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API FlorianRoth/DragonFly_APT_Sep17_3
821eae070c8976bbf0678f9f767d3c2a2ed1d5be764b69179239d8e68fb0c8f2	PE32	2022-03-20 19:00:27	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant
f94b6af29593c16821a94ce5cbb8499f8ea44f25a86d6c21999c875595fb42c6	PE32	2022-03-20 19:00:21	User Submission	YRP/Nullsoft_PiMP_Stub_SFX YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/CRC32_poly_Constant
aec910e58c47c81a85d972af2aa8bdef621c03cd655cba254eb727d36fb03061	PE32	2022-03-20 17:58:30	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
6deeb1205f1768b632f623fc0133a963fe374e3f68c3f345948a6820f232743a	PE32	2022-03-20 17:18:28	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
ff74f7d87e11ad84ec0eeeafb8a2c4dd8ae85737db02aaa5cc812fdc83c916a5	PE32	2022-03-20 16:43:30	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Big_Numbers0
ff68eaa6d58205bb3474da47a16e02dc8f622c210abaa05318d460a1582ba883	PE32	2022-03-20 16:43:20	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
ff528f0bffca99cc699451929672e37817077e342390e7115eeb2cba161e08a7	PE32	2022-03-20 16:43:13	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers3
ff4bcfd3663088b0e8fed48b19bf950f8a6680fea9d3b0a478ac1fbfbcefeeef	PE32	2022-03-20 16:43:11	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
ff11cc320a56b5aa8cdfc8ce4bbd78926624ebdac7514446556c28feebed0e15	PE32	2022-03-20 16:42:53	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/network_smtp_dotNet YRP/keylogger YRP/win_hook YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
fea27a041a45b4f5fd5fb49c50f0dd538e3fc2448374a2cde475204fc7cdd454	PE32	2022-03-20 16:42:12	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/win_registry YRP/win_token YRP/win_files_operation
fe853873f403fbfa348d5d8439e86fd98e6b70253a5bf85be85f3b9092a3ef14	PE32	2022-03-20 16:41:56	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/network_smtp_dotNet YRP/keylogger YRP/win_hook YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
fdeac1758dae3e3811f020f3d9d44fb984c4397c924c4c8e880f4e41fdf130f7	PE32	2022-03-20 16:40:24	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
fdcfe91ecf3940c58623a8e641bbb8065ce851de470f17c98bba19b9d05b0832	PE32	2022-03-20 16:40:09	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/android_meterpreter
fda323de5210f1ec46ee237d0e58558d78d34474ea282bf5dd1ca448c5ad369b	PE32	2022-03-20 16:39:45	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
fd5616d669a89ba643bd4cc035d4d1924a71b11618cd61c8e783de746753b62a	PE32	2022-03-20 16:39:25	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/win_files_operation
fd28ac9eba5ec352d343e94b7667fa079ba885ff594d52fe591cf81eea2c03ee	PE32	2022-03-20 16:38:52	User Submission	YRP/Armadillo_v2xx_CopyMem_II_additional YRP/Microsoft_Visual_Cpp_70_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/DES_sbox YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
fc040f79a1bc262a30ddedb9c184174b6c809282e60d04ee1ac829104967c205	PE32	2022-03-20 16:36:10	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/suspicious_packer_section
fbc1216c283a714dddf9d37d6efa24f4f844238701781b0016a444c97df59ee6	PE32	2022-03-20 16:35:41	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg
fb75efa8434d35a049d6608b6534df5c0716d33eb373f63cda5333796e16f1ec	PE32	2022-03-20 16:34:56	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation
fb6e964f34f1c68787e0b68226be22a1fae6e82dafd5476d8684d06aa6be938c	PE32	2022-03-20 16:34:49	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
ce3c220728c7e22791a10946f7d941e8ae8629bb3418610e3aa3c9b2b2ff440f	PE32	2022-03-20 16:34:39	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
fb48b5cc967c5bea1799607218168a28acf394c89b5d89de2b7a98ad1a2e0c8c	PE32	2022-03-20 16:34:31	User Submission	YRP/possible_includes_base64_packed_functions YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers3
fb28a89e1067428e1cd2c8fd9d41d297a09e5e1f6a1698f70d56871a49f8bc51	PE32	2022-03-20 16:34:12	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
faf1a8cdd8b88326b56c069a4a0ec399673d178dcf4625d1e8136a47a9720607	PE32	2022-03-20 16:33:25	User Submission	YRP/possible_includes_base64_packed_functions YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/Big_Numbers3 YRP/suspicious_packer_section
fad6f1e59c3d79075062761a1003d8877f258b30999d5bfef6512c9a09f85a35	PE32	2022-03-20 16:33:10	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64
fa7ad019008c5bd1b69b90de051e62e91d5e81350ba6200be27d5851a8fa391e	PE32	2022-03-20 16:32:27	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/anti_dbg YRP/disable_dep YRP/network_http YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
fa355139bfaa9fcf4324154194f2cb280899be4863fd278c7b06440d84a14d39	PE32	2022-03-20 16:31:51	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
fa1d76b3b91067daa21b5b953ddd36b570e033b1f95687e5482eec26afb79ee2	PE32	2022-03-20 16:31:43	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
f9e4285da09e52bb7663a55b15e36210aead9761fab4f7e63563259566f4b740	PE32	2022-03-20 16:31:03	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f9bd72771da7917018cfca8a80bb7dad2e8e029aedcd8851c320256243c5e9db	PE32	2022-03-20 16:30:42	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/network_smtp_dotNet YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
f9bbcdd411bd3a80581683e68a84a71f9a6c5c8dff281c6db02d0d1da384eba4	PE32	2022-03-20 16:30:40	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64
f93dab0fecce9ee199b9a5196b2c2b513b988b78d2f2d79b233e7a74c50176d7	PE32	2022-03-20 16:29:53	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
f9397a0438f1e3a8d03aa326dc4910482df49dd295228d9a4dda1f55247fd6e3	PE32	2022-03-20 16:29:47	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64
f934c685506a5fc30ba4c63a14f81c2c51863a264c498186234b2edf7d05e51d	PE32	2022-03-20 16:29:45	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings FlorianRoth/DragonFly_APT_Sep17_3
f9031bbe128856aeee7daa724115986d2165297024f7a797027a65967c9b0f5d	PE32	2022-03-20 16:28:56	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64
f8c831d660341d8de03ea474abb42654a9173ee5f85e368fba907ff1dcc09c62	PE32	2022-03-20 16:28:18	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_tcp_socket YRP/win_mutex YRP/win_files_operation YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
f8b4f7113aa0d1a2c45da336f44aa6f3aac6ccceb9e1251842fdc086b1f33eef	PE32	2022-03-20 16:28:06	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/android_meterpreter
f8a505c194572963b8defea169a2bf9b7e87ba2a38df1afb990623715a81daf3	PE32	2022-03-20 16:27:59	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_mutex YRP/win_files_operation YRP/TEAN
f89735262eafaafe7d296c51043f3e0b0b499f06f25021b4bcad470674fbbdb6	PE32	2022-03-20 16:27:51	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/keylogger YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
f892f7e0b4bcfd9084ac791d72a87a95a16ca175a154faf0a2e24da5dd205bce	PE32	2022-03-20 16:27:47	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f83df92f9d78101b5376837923351b70eb6581d4ee2b7bf251ef8a2387177064	PE32	2022-03-20 16:27:16	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f81ffe76cfa1447a52ab6613c83933a5040b49221bb16c5a86ba416b3026240b	PE32	2022-03-20 16:26:55	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f80127513813eeb1bc2dd4aa089ad41c4bf9eb6cfdbd4aaf8490486d3eeca613	PE32	2022-03-20 16:26:26	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET [+] YRP/Microsoft_Visual_Studio_NET_additional YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg
f782488d6cffc08636ce326d9ab116f99c7abb7a6ced4391f9341e709144d100	PE32	2022-03-20 16:25:36	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
f77093e6825992bc91bc28182f5501b108da54f0f180429addf5b020dc9ed86b	PE32	2022-03-20 16:25:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f716ab9313b06641383d661d1e404c2ed76352f17fb7143bccf4d2d317301239	PE32	2022-03-20 16:25:00	User Submission	YRP/Armadillo_v2xx_CopyMem_II_additional YRP/Microsoft_Visual_Cpp_70_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/DES_sbox YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
f71131394d99b86b0a3103691f80345859a273bc8a0c6c83e7629b28de1d922e	PE32	2022-03-20 16:24:54	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f70cd1568d92c035119e5bb9e8bf1ada495ba6f31c6d042ac1d98ac3060d59a1	PE32	2022-03-20 16:24:51	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
f70c4044cff54d7bb32634d189f5ac234091f53a5acce9f17dcfefca4c22b397	PE32	2022-03-20 16:24:49	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole YRP/domain YRP/IP YRP/contentis_base64 YRP/Misc_Suspicious_Strings FlorianRoth/DragonFly_APT_Sep17_3
f6fc22ec88e5653d35064b62baba0b24d9a66391412f21488053e6df37b87c98	PE32	2022-03-20 16:24:42	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Big_Numbers3
f646b963da9c039c682f75c76ab369956e63804aeea00561e448fb26ca5751d3	PE32	2022-03-20 16:23:25	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/escalate_priv YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/TEAN
f62f3cde15b3f736af8a87f8999149eb5e8ada35513883b56dc120db3781b20f	PE32	2022-03-20 16:23:20	User Submission	YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Big_Numbers3
0c2ade2993927f6de828e30c07156c19751b55650a05c965631ca0ea1c983498	PE32	2022-03-20 16:22:10	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/with_sqlite
f5773e4517ef94e87022bae134a0298f6f9e688561c41e0ef5d4dd75d8defd51	PE32	2022-03-20 16:21:51	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/MD5_Constants
f53226476a8190fb69a366544e4f394e50e487c429977165a5efdd9e1dbec83e	PE32	2022-03-20 16:21:22	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation
f51b27c102c7948e4d46dc3d4d46c29260f0154f49d74adb54bfa76db9a985f2	PE32	2022-03-20 16:21:05	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f5116b9b63b421105c70ed959874666013dd180ca81496faa067062c7d989060	PE32	2022-03-20 16:20:58	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f4c0e5c6f0deef58b93fb675108501bdffca205910f15253fe007a399532d6e5	PE32	2022-03-20 16:20:25	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64
f49d13411efa1b43fa53a5dc39e03d62164f21620ec3c18b870710275685933c	PE32	2022-03-20 16:20:09	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64
f47d762b27ea2b15ebede9b47141d2a9ea759409849f4fb4799088193eedceb3	PE32	2022-03-20 16:19:44	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
f434312e8ce38172180f281f6b3951879e82f42a07362f89179d91ded810feea	PE32	2022-03-20 16:19:32	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Qemu_Detection
f429fb56b7b8f50df583b3bd769ba68f8c89e4b1078d38464362529b7af00391	PE32	2022-03-20 16:19:27	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
f4119900c427b8db4429de992f650b4a833a31df5aa565bc2614f2d4e49d5b76	PE32	2022-03-20 16:19:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f394be3f5bca6042b4c243810e61047cdc48802d278059ab03d07b2495e48704	PE32	2022-03-20 16:18:33	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg YRP/win_files_operation
f3772703fb8a5efb3388b9c184af6bf1dcb8f3a41307c1da615612dbd07855f7	PE32	2022-03-20 16:18:15	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f32b4c4b199d539bd0016f9f31100dc04d33024ba6b96cee72e42a6f0f98f880	PE32	2022-03-20 16:17:50	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/CRC32_poly_Constant
f31917bd3aeaffb8de38f01fc96a3d9a0ca11ac5bc4ee9646908c53279833099	PE32	2022-03-20 16:17:41	User Submission	YRP/Visual_Cpp_2005_DLL_Microsoft YRP/Visual_Cpp_2003_DLL_Microsoft YRP/IsPE32 YRP/IsDLL [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/anti_dbg
f2bb3051e36a5654e12178a22f97ee52322843a7a484a07f25f177737bae6c20	PE32	2022-03-20 16:16:58	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64
f2209224cc5688ee6f73d6d5977b9bdba3996af5d4eb28b523910e4ffb84d313	PE32	2022-03-20 16:15:41	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/network_smtp_dotNet YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CAP_HookExKeylogger
f19aa26546ae8dba9987d3d281a50b46483669640d48cf8cad39ecb0aef46fb7	PE32	2022-03-20 16:14:27	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/win_registry YRP/win_token YRP/win_files_operation
f199ddc51e67123423b6d58ce8cb90b7ac939fec447fedf647650f09497d1c46	PE32	2022-03-20 16:14:26	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/contentis_base64
f163f4788da0d445dec687df7d215b6af3c4bea10589fa268e6aff20ff335510	PE32	2022-03-20 16:13:48	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_files_operation YRP/CRC32_poly_Constant YRP/RIPEMD160_Constants YRP/SHA1_Constants
f15576ff3aabce5f3352cf7becec0414d4d2eb6473405276a508fb07a1d446f7	PE32	2022-03-20 16:13:37	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/CRC32_poly_Constant

Recent Searches
yrp/ip
yrp/glassescode
yrp/spyeye_plugins
yrp/crypto_lock_v202_eng_ryan_thian_additional
yrp/warpcode
yrp/create_com_service
yrp/flycrypter10ut1lz
yrp/mithril_mithril
yrp/petite13
yrp/obsidium_1200_obsidium_software_additional

Search

Recent Searches