MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
2fc6d0c6c22cbb2091a1af6c400259d4abda88c55a987e6477622f04bcdd20c1	PE32	2022-02-24 20:13:46	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Big_Numbers3 FlorianRoth/DragonFly_APT_Sep17_3
8cf20090fdd3aed49805e8d2d5f5bf1f6454c1c941a77edab56c49bcb9d54ac3	PE32	2022-02-24 18:14:26	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
72634a37b360590f5f305e26ebe850826120cd907337367b815d2a58262a32ac	PE32	2022-02-24 17:21:57	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers3 FlorianRoth/DragonFly_APT_Sep17_3
cb26580597e0d11486fcdac26c7fdaaccf2b38907eea77d4573e7dbd3115d2d1	PE32	2022-02-24 11:27:52	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
d30b1c23b24a06ef7de00363cf9570e8622c68a1adef80570fcc44ce46b586d0	PE32	2022-02-24 10:28:00	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
59332a62605f3bca4526748778be8e374e427b5244a60ab7596625a916099c39	PE32	2022-02-24 04:14:25	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/suspicious_packer_section
fe9eeb0b7c828c72da230c443d5caf2bffda6e0c9c96e1c99fbbfc61104adaf7	PE32	2022-02-24 01:22:58	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers3 FlorianRoth/DragonFly_APT_Sep17_3
86b706fbd79d9587749bc3adf3196c53bb473ba9c6c41f8ec50ca3cdc3ab0d90	PE32	2022-02-23 23:54:13	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Big_Numbers3 FlorianRoth/DragonFly_APT_Sep17_3
a8f5de8fc92f27efcfddfcdab7a5353d643b9d677e4975e29ae115160316c606	PE32	2022-02-23 22:16:01	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
cc3b3abdaa8b3e75558af7547fb8045d05fbc9987d494a754fb4766568aee0c6	PE32	2022-02-23 22:00:49	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers3 FlorianRoth/DragonFly_APT_Sep17_3
50a21c9b8a21364e1cd97907c6d62650471984b09f819ed64bc45814c182ee51	PE32	2022-02-23 19:12:07	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
72aaf1d4021adddfec4fbea5dece0690cd49a3a1a88015379632f69f2e032584	PE32	2022-02-23 16:06:25	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
f07a8f9a2ac4e28e0309b8beeab1a183387a383fb943446105295c3325575265	PE32	2022-02-23 09:39:22	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
d79ac03f11b50215188718215c0c53ed5294ce7318af645ce9e4b40427d6a184	PE32	2022-02-23 09:23:13	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
429578e127b2335eac72b69c6ad1b51dca1ef714716ab7eb643a87c1c71acee4	PE32	2022-02-23 08:49:55	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
bc548942b6496408689aea2794d26ff4f579fac904bcaafafd34aaec8b3cc1aa	PE32	2022-02-23 00:35:39	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
cdc6f25228e81547f496f8092232bd72a26ea5b12a9539ba1786ec8b090cbc4d	PE32	2022-02-22 23:38:39	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
c9b3c0738a1e30bcb6c03fe7c68782910f25145becf7b65a431ab02491d4f7b2	PE32	2022-02-22 23:13:02	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/suspicious_packer_section
cd6139ace98a6d01fa730714851e2b401942048ff521b8c6824393e9981ba082	PE32	2022-02-22 23:01:35	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/RE_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/PUP_InstallRex_AntiFWb YRP/suspicious_packer_section FlorianRoth/PUP_InstallRex_AntiFWb
0975ddf307fa869509383298bc2f4fc967cb246dbe8600456a95557a76758336	PE32	2022-02-22 19:18:44	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/win_files_operation FlorianRoth/DragonFly_APT_Sep17_3
faef9b987b9eb1667c0aadaf7b6a9d205c2fb784281d20478f09661f2977aa03	PE32	2022-02-22 12:54:03	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/MASM_TASM YRP/PackerMASMTASM_Lenguaje_Compilador [+] YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
4bb1d2130bb7ac35a03eb2f1eb483fc74103cea2086f3fc6984cb8724bcbcbfc	PE32	2022-02-21 23:12:18	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/contentis_base64
572d640af3a3f285dba3fbcbcbbe02b783adfbd4edb08564c44d57115941c8f8	PE32	2022-02-18 08:07:20	User Submission	YRP/MASMTASM YRP/EnigmaProtector1XSukhovVladimirSergeNMarkin YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/win_registry YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library
83aded6c4a5bcc013ad90cebd56f37fd446bd4159b167f087eb584d7030b8647	PE32	2022-02-18 07:11:04	User Submission	YRP/MASMTASM YRP/Borland YRP/MaskPEV20yzkzero YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/domain YRP/IP YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/inject_thread YRP/create_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/sniff_audio YRP/spreading_share YRP/rat_webcam YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Delphi_Random YRP/Delphi_FormShow YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Delphi_StrToInt YRP/Delphi_DecodeDate YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/CookieTools YRP/suspicious_packer_section
6e28a1eb98aef66d7c0103e3a88dcf0052fbb4b0262dd7f70e110452737ae5cf	PE32	2022-02-18 04:17:55	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section
968036fb666d5622e55d7420ae61bc460b161df4c2b642fc53a05ca3f582c28f	PE32	2022-02-18 00:44:21	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
2ed84c10a909fe17f2ceb76afd8f69bd38683bcb5514451dc6075bf68f8ec229	MS-DOS	2022-02-18 00:37:23	User Submission	YRP/MASMTASM YRP/BeRoEXEPackerV100BeRo YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64
01f65537cbf107687258d03b14fec4c6c847c45ac6e5762e1b1ab58dee44f1d7	PE32	2022-02-17 23:54:54	User Submission	CuckooSandbox/vmdetect YRP/MASMTASM YRP/EnigmaProtector1XSukhovVladimirSergeNMarkin YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/IsBeyondImageSize YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/VirtualPC_Detection YRP/vmdetect YRP/win_registry YRP/CRC32_poly_Constant
2501afb3298a4c65b53705c06695cdf2f842d995fb637f09428e4f596048cce4	PE32	2022-02-17 20:48:13	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/ThreadControl__Context
6e9ed34e592b5da7ac49e76b88a2d5892c6b694775645d3d932fab98e8640fb1	PE32	2022-02-17 20:02:11	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/contentis_base64 YRP/win_files_operation
d002c47798788ba2a369fd8456de87460aa3c37c84399ffbb3e4f61812439c0c	PE32	2022-02-17 18:17:08	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/suspicious_packer_section
16985b6cf4628758598d17ef8c59786d2cdbbea95020ff0af0a00c6ca1217605	PE32	2022-02-17 17:29:12	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/domain YRP/contentis_base64 YRP/win_registry
938e28468712830cdbd2d950d4190d75f4ae792439c426828ab57e4473db8ea2	PE32	2022-02-17 16:31:27	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
577164e21a2385cfe585c873e0477843bddf5006de22fe888946682b5f899218	PE32	2022-02-17 15:54:34	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/win_files_operation
45bf06374a7f5df8ba380f6f0ea8af6c880588b1d031aa7e8531ecf4cfb06d23	PE32	2022-02-17 13:01:14	User Submission	YRP/MASMTASM YRP/nSpackV2xLiuXingPing YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/suspicious_packer_section
704d5fc238f123818a93d877b9e02ae806b2a479d2d2a9ea94f52a8daed217bd	PE32	2022-02-17 12:51:01	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/win_files_operation FlorianRoth/DragonFly_APT_Sep17_3
7dfb60be33700ac3accf6961d28a311235b82a9e9fcd4e4bef33a35141e7539e	MS-DOS	2022-02-17 12:44:57	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/ImportTableIsBad YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/Browsers YRP/inject_thread YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
78c0e60a4a0d6cf7657fbad880f420d03ee0386bcdba72d7d0991061d5e5e3d0	PE32	2022-02-17 11:39:49	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64
a3ddb1774cbe6b151c029b949fcbfe680579492a8723e22c91a3861e19ac197e	PE32	2022-02-17 11:34:11	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/IsSuspicious YRP/domain YRP/url YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
6365eb9ff759698466150eeb1709afbb901db93d9869ad2fecc7fae8c88205c9	PE32	2022-02-17 11:29:21	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/domain YRP/contentis_base64 YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/Str_Win32_Winsock2_Library
4c8d2925ddef167ccf11938c3de2237ca683ddc188c0408fa2810e0db1b48dee	PE32	2022-02-17 10:45:22	User Submission	YRP/MASMTASM YRP/PESpinv04x YRP/NakedPacker10byBigBoote YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/contentis_base64
46a110cd792aae1186484c63e365af8c0878dbf3c78b63420b15cb337b743ec2	PE32	2022-02-17 10:11:28	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook
06d636825a519f9870a8af545af9cd163a5d5b987b895ecb326c0784f38627e4	PE32	2022-02-17 05:21:26	User Submission	YRP/MASMTASM YRP/MaskPE16yzkzero YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/domain YRP/contentis_base64 YRP/network_tcp_socket YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
28ff98e745c2fec571299df348de7fccf9341bee3112ef6952463eca493dd392	PE32	2022-02-17 04:58:19	User Submission	YRP/MASMTASM YRP/NakedPacker10byBigBoote YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/contentis_base64
01e5fe3b17fc0dd02766b650c6e9dcea248fc21de6c6dd2e272b656438febb11	PE32	2022-02-17 04:50:53	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/DebuggerException__SetConsoleCtrl YRP/disable_antivirus YRP/network_http YRP/network_ftp YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
22abe5d06979611645ca08c3f31ae1898b608c73d6e1bec9adb66126eb5e945c	PE32	2022-02-17 01:59:31	User Submission	YRP/MASMTASM YRP/PEArmor07600765hying YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64
415610891f05c1aee10f19345a359801a55c25942700840692437cd7e368df2f	PE32	2022-02-16 23:37:09	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/Big_Numbers1 YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library
3f9b1d217a095dafc354ed633eb983fcc75ad4623e2f69f0c571da73fe803b8c	PE32	2022-02-16 23:13:42	User Submission	YRP/MASMTASM YRP/EnigmaProtector1XSukhovVladimirSergeNMarkin YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/domain YRP/contentis_base64 YRP/network_dropper YRP/win_registry YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
61a8fe821a88dbd0eca40a9d4b4b121dc9974f9052318c7df2ba071840ec9fb2	PE32	2022-02-16 23:04:42	User Submission	YRP/MASMTASM YRP/NakedPacker10byBigBoote YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/domain YRP/contentis_base64
7a36aa773c6612002c780a03dc29b07967b5812200a8d03b5833400b46156255	PE32	2022-02-16 22:08:54	User Submission	YRP/MASMTASM YRP/NsPackv31NorthStar YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/screenshot YRP/keylogger YRP/rat_webcam YRP/win_registry YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
ffd2b7c775144a9e3bb0ec18248b3b088dfeecba5772a8e4f8c2b695137fc1b5	PE32	2022-02-16 20:40:02	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/win_files_operation
59cc6242dd6a14eca7b2382446a8bd78bd3f78b4abf6f873387b1d0081bfa688	PE32	2022-02-16 20:01:54	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/Big_Numbers1 YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library
88b6b16d2eca7a18953441eb7502913a8ee2bc3338625d7455c5c174616b7546	PE32	2022-02-16 19:26:57	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/escalate_priv YRP/screenshot YRP/win_registry YRP/win_token YRP/Big_Numbers1 YRP/MD5_Constants YRP/Str_Win32_Winsock2_Library
2bb3f80bdc9ed7ffa49d9b880957bb2462a037af56986924a586952d257c7d5b	PE32	2022-02-16 18:52:03	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
e8a23bd22636c5fc76ecb30b02c2d05e0bd1cf5a7baf5e4f0f8a53bbe15ffbdd	PE32	2022-02-16 16:25:53	User Submission	YRP/MASMTASM YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/contentis_base64 YRP/screenshot YRP/rat_webcam YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/UPX YRP/suspicious_packer_section
01a4adc9271d75a9a25d83283ae37d2932305f96a2d89a73811702cb7f60851d	PE32	2022-02-16 14:05:50	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
6a0fe3af767f7f537e017e285c6ac9c782cbf447037772bf61b7afddb153d395	PE32	2022-02-16 13:55:06	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/win_files_operation FlorianRoth/DragonFly_APT_Sep17_3
a7981b705bb2ac1452a763c28861eda850d2ecd75a079133a8275b93c5103bb9	PE32	2022-02-16 13:43:13	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/System_Tools YRP/screenshot YRP/win_files_operation
f20e60cb3ad7187d5f020b0574b99d60c81e14f934aed43d7f1d46cae62a9212	PE32	2022-02-16 13:03:28	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/domain [+] YRP/url YRP/contentis_base64 YRP/SEH__vba YRP/network_dropper YRP/screenshot YRP/keylogger YRP/win_registry YRP/win_files_operation YRP/UPX YRP/suspicious_packer_section
7b9f8ff078b92485e8cffa512421d1bd1ff9c36820245d73bdf9512cfea46a7a	PE32	2022-02-16 12:21:48	User Submission	YRP/MASMTASM YRP/nSpackV2xLiuXingPing YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/CookieTools YRP/suspicious_packer_section
f5d37c2f9df516f3b459d3b2ce9f803bd28b046fd6e33d5d60e0f73db63335d4	PE32	2022-02-16 12:11:21	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/BASE64_table YRP/UPX YRP/suspicious_packer_section
46a6901036650904fba6512221fe9d44b218adf6e6b5e1b085ac0a74a608015e	PE32	2022-02-16 09:55:22	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook
fe435a179c8a05d1f606ab0ca8d005c6a02a6ce3e38e62c3a0ee5ff1b2fb7270	PE32	2022-02-16 06:51:25	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/win_registry YRP/win_files_operation
278e263641f99a8a2f3a2de39db9b0b9a45bd43d2e46337ed1a6ad5662e23e19	PE32	2022-02-16 05:42:32	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
e1d180eb097c1be95de71b2902e98ca09f553e1dbd6096504d61acb7f49de276	PE32	2022-02-16 02:05:32	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/without_images YRP/without_urls YRP/domain YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/network_dyndns YRP/network_smtp_raw YRP/network_irc YRP/network_dropper YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
ed95861fe90fc368ad02148d37a8ec46f026f616ea79b13a3961ad24c9642736	MS-DOS	2022-02-16 01:40:04	User Submission	YRP/MASMTASM YRP/BeRoEXEPackerV100BeRo YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64
1a0e0215377d7173a479f3b54961687f71b1f1d8599f627c7d3a2b6b682187b7	PE32	2022-02-15 21:55:58	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_tcp_socket YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
57971edadf128b4d332b594a5ee42373fa19ad7c4de89d055f82112798c1820e	PE32	2022-02-15 19:09:06	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/domain YRP/contentis_base64 YRP/CookieTools YRP/suspicious_packer_section
b9d6bf45d5a7fefc79dd567d836474167d97988fc77179a2c7a57f29944550ba	PE32	2022-02-10 04:03:05	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/powershell YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
02ba78586f826a7f6e249c846dadb63466ed101402d59ce763aa148e4713fc54	PE32	2022-02-05 21:03:03	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/domain [+] YRP/url YRP/contentis_base64 YRP/win_private_profile YRP/win_files_operation FlorianRoth/DragonFly_APT_Sep17_3
4091dd3ca88a4b61113a489e156ca5fbab3fbc531bea92d548c084423a756263	PE32	2022-02-05 20:02:50	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_smtp_raw YRP/network_tcp_socket YRP/network_dns YRP/win_private_profile YRP/win_files_operation YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library FlorianRoth/DragonFly_APT_Sep17_3
2a54025910de753c01bb75f146d947f11bb604c5b468094469498bf2b636b800	PE32	2022-02-05 20:01:37	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/domain [+] YRP/contentis_base64 YRP/Dropper_Strings YRP/win_private_profile YRP/win_files_operation YRP/Str_Win32_Wininet_Library FlorianRoth/DragonFly_APT_Sep17_3
f47edab8a435f3c36fb92e25dbcaa2cc0f087f96cc1578a62cbf165fc6be8321	PE32	2022-02-05 20:01:07	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/domain [+] YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/network_dns YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
65d541c76daef35f0036b37c1e8d993e1211a2ff4d74ae6ef0c8d6731c0cf866	PE32	2022-02-05 20:00:36	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/domain [+] YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/Str_Win32_Wininet_Library FlorianRoth/DragonFly_APT_Sep17_3
e7bf2cd1a6e1db431b153f0263ae060e9a176c9310467d6b103a64331c070a38	PE32	2022-02-05 03:00:15	User Submission	YRP/MASMTASM YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/Contains_VBE_File YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/VMWare_Detection YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/WMI_VM_Detect YRP/disable_taskmanager YRP/screenshot YRP/win_registry YRP/CRC32_poly_Constant YRP/suspicious_packer_section
876c2b332d0534704447ab5f04d0eb20ff1c150fd60993ec70812c2c2cad3e6a	PE32	2022-02-01 14:00:55	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/powershell YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
2943422176311d39160f999ae0ff9b88cc63b5604413b497da1f1420774b2c69	PE32	2022-01-23 16:00:24	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/win_registry
6298c8c988c66a49060bf7d7a32fa0dc96ba8b5db679321994b0194f2f077fa8	PE32	2021-12-11 17:01:34	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/ImportTableIsBad YRP/HasModified_DOS_Message YRP/domain YRP/url YRP/Misc_Suspicious_Strings FlorianRoth/DragonFly_APT_Sep17_3
6904e92f5db2815659c771bd08ea0b40a339eb6ef88a1bb743cce63df44207ca	PE32	2021-12-05 17:00:33	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole [+] YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry
45b9e820b3ab997c498a28d59601b1b72fbbf3b9415f8c75843ff24c2b250193	PE32	2021-11-04 16:01:15	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/powershell YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
4b74d174f38f35432e255b26c97fd0d6e42f986b3efc76045edf69485d23e143	PE32	2021-10-06 21:00:43	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsNET_EXE YRP/IsConsole [+] YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry
678b3119ad3c2d5596d32069b4edce2986b793506d1501fe36922c016e7075d3	PE32	2021-09-24 09:09:41	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI [+] YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_registry
cea699be9ae7dfa92d1725a9ece33071f1e707e9cde5ec5137d4a28f1f74a10d	PE32	2021-08-28 20:01:30	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/powershell YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
22d83c0ad086ed336c8b1c1064bcd7e225ff54fa61d3a4a3262ca794631518af	PE32	2021-08-02 14:01:40	User Submission	YRP/ASProtect_v132 YRP/MASMTASM YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/IsPacked YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/win_registry
1aef94e54c1af9a8d0c4fa4cbdc602c025a2b10a097e87184ceb89e124d26e6a	PE32	2021-07-13 21:02:46	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/powershell YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/network_tcp_socket YRP/network_dns YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library FlorianRoth/DragonFly_APT_Sep17_3
6a3acf3c2a723f10426f63a2068a5f222f1385d15a55a1807f2e885586a960a3	PE32	2020-06-30 15:30:58	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
777ddb9774acf3cae295bbd36b35a7a507a17433147b1d72b73e8386d605ecd9	PE32	2020-06-30 14:17:02	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/win_registry FlorianRoth/DragonFly_APT_Sep17_3
11c0aa48a8932d9f10cc7d44b237500d4bee8cfd5bf3c1049e03f3f3aa23f047	PE32	2020-06-30 06:06:01	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64
118491b60878e4b43a740aa4373f4967196fb73d68c9a423bc356809c32e8366	PE32	2020-06-29 18:54:52	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/win_registry YRP/win_files_operation FlorianRoth/DragonFly_APT_Sep17_3
119827618fd4600d0a34fae9d8ede152727c7280bda5262527f3abe85df8737e	PE32	2020-06-29 18:48:46	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/ThreadControl__Context
ed1ed6979e2b38b77cc62730f7dc4cc0b96eca3558669a62a6e91cabef242aa9	PE32	2020-06-29 16:24:24	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/win_files_operation YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
fd2f6db337f63dc40967fd62c0245c91a145836aecb482770af50462d00d89c7	PE32	2020-06-29 05:27:31	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/FSG_v110_Eng_dulekxt_Microsoft_Visual_C_Basic_NET YRP/TASM_MASM_additional [+] YRP/PE_Diminisher_v01_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/screenshot YRP/keylogger YRP/Big_Numbers0
ec40329196e3494dc56d8b46a02d241355520ad64c86338ba2f177c26055eea1	PE32	2020-06-28 03:32:50	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Browsers YRP/win_registry FlorianRoth/DragonFly_APT_Sep17_3
11b229ca2caf2a6d372ddddaaeff00259333a32c60ea91eb5a63fa4c781707a6	PE32	2020-06-27 15:46:34	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 FlorianRoth/DragonFly_APT_Sep17_3
11bc22c22dae6b54648ec6b0f39eb72b2654a50e867bb6534d9c79af2fc859f0	PE32	2020-06-27 15:40:41	User Submission	YRP/MASMTASM YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/domain YRP/contentis_base64 YRP/win_registry
70feb2b554f823bffe61b87deface6b9bd5e4d4d30c3fa22f0a46e3b3e01d7e7	PE32	2020-06-27 13:15:02	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/dUP2xPatcherwwwdiablo2oo2cjbnet YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/System_Tools YRP/win_files_operation YRP/CRC32_poly_Constant FlorianRoth/DragonFly_APT_Sep17_3
11b2157fb813076079783972bf21337eaf864d08cc1f69736ba8bcc729e70fe3	PE32	2020-06-27 12:56:31	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/UPX YRP/suspicious_packer_section
22f180db8a4fbe4870d169949901896f80415f8f67b1556bd5e75f2fb1cd42f5	PE32	2020-06-27 09:50:16	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/screenshot YRP/win_files_operation YRP/Big_Numbers5 YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table
8d44a0f347e87588ba68c74c66d3b074aeae3a209708ef5a11eb80ef8b34db65	PE32	2020-06-27 07:47:37	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/IsBeyondImageSize YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/win_files_operation YRP/CRC32_poly_Constant FlorianRoth/DragonFly_APT_Sep17_3
11342a9735c6ba28ee3673f0d3fbaccdef38f2144ffd346702c5b8b41ee41cb4	PE32	2020-06-27 07:44:55	User Submission	YRP/MASMTASM YRP/TASM_MASM YRP/TASM_MASM_additional YRP/PE_Diminisher_v01_additional [+] YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/ThreadControl__Context

Recent Searches
yrp/masmtasm
yrp/hyings_pe_armor_076_hying_ccg_additional
yrp/fso_s_zehir4
yrp/hyings_pe_armor_076_hying_ccg
yrp/asprotect_ske_21x_exe_alexey_solodovnikov_h
yrp/apt1_dbg_mess
yrp/rosasm2050abetov
yrp/yodasprotectorv1033ashkbizdanehkar
yrp/simplepack_1x_method2_bagie
yrp/webshell_php_webshells_pws

Search

Recent Searches