MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
87216f15330710de0c1a0fefbef489b43621612dd55b59eae49cf8fa9a95efd7	PE32	2022-03-20 20:32:03	User Submission	YRP/IsPE32 YRP/IsConsole YRP/domain YRP/IP [+] YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/bitcoin YRP/escalate_priv YRP/keylogger YRP/win_registry YRP/win_token YRP/win_files_operation YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
9486d93dedcb4e1eabc7ab1c778b01459f8afc13aba9d3017e20003c22476100	PE32	2022-03-20 11:49:31	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/ThreadControl__Context YRP/SEH__vectored YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/GenerateTLSClientHelloPacket_Test
12138a12e35563461860d8c39d80e7cbf80aced9a3f197bf7e6a452a70e07048	PE32	2022-03-20 06:01:33	User Submission	YRP/IsPE32 YRP/IsConsole YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
b4a8795b3c8185c90f2293a4cd29f90dad0384e74aed851104e0a2d28b74dfa9	PE32+	2022-03-20 02:01:52	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/anti_dbg YRP/network_http YRP/network_dga YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/MD5_Constants YRP/WHIRLPOOL_Constants YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
89a9279a31e78ceb036d8be5b2e3c7aeb1021a05cff7bbd5e5025250c911234b	PE32+	2022-03-19 23:00:19	User Submission	YRP/possible_includes_base64_packed_functions YRP/IsPE64 YRP/IsWindowsGUI YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/disable_dep YRP/create_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
6cb78517e13ef83f9999e5cd96070b398d8b9c36327f7e3c5e68144c6ec79b06	PE32	2022-03-19 19:01:55	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/win_mutex YRP/win_files_operation YRP/TEAN
e9a9c905ed82a1d8775d8c1c746032d7968dedf5e4bcf0e9601d419ec8bd89d7	PE32+	2022-03-19 02:11:41	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/SEH__vectored YRP/Check_Debugger YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/create_service YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/Str_Win32_Http_API
8abaa521a014cdbda2afe77042f21947b147197d274bf801de2df55b1e01c904	PE32+	2022-03-18 12:01:23	User Submission	YRP/possible_includes_base64_packed_functions YRP/IsPE64 YRP/IsConsole YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers2 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
26cb76e67add724d7771d12ffc701a4806c71dc436ff7d6ed0288e899dfd0d9b	PE32+	2022-03-18 10:03:25	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/domain [+] YRP/contentis_base64 YRP/SEH__vectored YRP/antisb_threatExpert YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_token YRP/win_files_operation YRP/BASE64_table
3cba4c992d174f01a9c3a2d7d785c9f6e9748547fc3e335556a56f132c3dfa5f	PE32	2022-03-18 08:02:14	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers3 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/RijnDael_AES YRP/RijnDael_AES_CHAR YRP/RijnDael_AES_LONG YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
465af069b401fc9af0d00ff857afe2a44cfd4bac9efd1baeb77236699e52d885	PE32+	2022-03-18 02:13:45	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_Qemu_Description YRP/Check_VBox_Description YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
16d820efa2e9ae6a403eba169b73c3bbbdbf2632345581d404cb8da4f3d86f94	PE32+	2022-03-18 02:10:57	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3
c50bca08a8e80850ec18d258ff937b7b72a500d9027c730c86b05aa73c938b5d	PE32	2022-03-17 22:03:22	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
3a96c3075b8494fe6a76c6325946ab3f200e75ce26ad886446ea1394b5ac6ba1	PE32	2022-03-17 22:03:12	User Submission	YRP/IsPE32 YRP/IsConsole YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
4dcff0d28d08fefd0160b28aa46e5b859b076a42803eb783dd562d54f7dabf44	PE32	2022-03-17 13:02:29	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
dbdc596826de8586f41ac3a54531fe976caab3d1f4ec7abe8ac3d2990a4ddc45	PE32	2022-03-17 02:23:52	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/HasDebugData YRP/domain YRP/url YRP/contentis_base64 YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_Long YRP/Str_Win32_Winsock2_Library
bd0f27fcc8f7be6d2c00fd068321421c58a863e7e2717dc5643a16c9d607180d	PE32	2022-03-17 02:21:41	User Submission	YRP/VC8_Microsoft_Corporation YRP/Armadillo_v4x YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/VM_Generic_Detection YRP/Qemu_Detection YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_Qemu_Description YRP/Check_VBox_Description YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/suspicious_packer_section
3a137db2730dc6967122aeef8ecbfed4d3a6fec3144eaa1ea2f6766ee9e8bd04	PE32+	2022-03-17 02:10:01	User Submission	YRP/possible_includes_base64_packed_functions YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/anti_dbg YRP/network_http YRP/network_dga YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/MD5_Constants YRP/WHIRLPOOL_Constants YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f92b66faf44977389d5624ded8225a36bbfd80ba2abae13597548d203ebbadbd	PE32+	2022-03-17 02:09:48	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/BASE64_table
4fe176f85b036689ea4ae020eec0f0d22a919c56fc11251bc4dda8db84c2227f	PE32+	2022-03-17 02:05:14	User Submission	YRP/IsPE64 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
7a96c5a32badb9650faa842922ad545b7336a676f033e724c1bed574a7c9a960	PE32	2022-03-17 00:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6dd995d896a9a593b2c48d09da60bd83866d8577273f36d38788d83ad8173e68	PE32	2022-03-16 21:04:38	User Submission	YRP/IsPE32 YRP/IsConsole YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
5c49f98d3516edf56c996c2da5f095a0b97df772a558bb2e9d5a5d4355adab05	PE32	2022-03-16 21:03:11	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
67eff1dc0836f810382eff5ae6c3b92751dc1b11fc42481a0c66644efb470156	PE32	2022-03-16 09:00:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
0ec5ff10006248aef50ba487c718b6154348be611711b5fb8a78a599c0c38293	PE32+	2022-03-16 02:17:32	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/create_service YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3
3ca1837df09da2e602aea55ebd267d8550fa548826800a39b41670270a8ddd93	PE32+	2022-03-16 02:01:40	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/network_tcp_socket YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/Str_Win32_Winsock2_Library
bce0ea4a85e5bc6af2dfe91b1ceef3416f210aa4f5c9cf8e6adf1b7f4aacf874	MS-DOS	2022-03-15 15:01:13	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
201215fdd6ba159d22621f2424f75b25fbe6dac1c85126e174e4ae999ef88111	PE32+	2022-03-15 12:05:25	User Submission	YRP/IsPE64 YRP/IsConsole YRP/domain YRP/contentis_base64 [+] YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/disable_dep YRP/create_service YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/Str_Win32_Winsock2_Library
7dfd5b1809da980434860b3294a3339dc6a23065d3f9d681fb20cb7c8f6993bb	PE32	2022-03-15 06:01:42	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation YRP/Big_Numbers0
a2dc306a73dfb3bed10e60bdfbf47c9103c41ddf74343ee49011c91bd6adc0ce	PE32	2022-03-15 00:06:30	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
42726a2132dea4cd8406a0face18551317f74eac29f8e0f8aec8a15fd26cd635	PE32+	2022-03-14 18:04:16	User Submission	YRP/Microsoft_Visual_Cpp_80 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/win_mutex YRP/win_files_operation
a15f278540238f0308608e76a76c01c60e04f5e5bbe9ffce5455f2e965574a12	PE32	2022-03-13 17:00:50	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
0a4a2f7f0ea4c7ef09122e07baf726728341140b288a97aa8e718a4cb9cf010b	PE32+	2022-03-12 02:32:06	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/screenshot YRP/win_mutex YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32b_poly_Constant
3ed830b0803b63aca0a82661475c863801afd2e2b03c2675b05019d55f25a1f4	PE32	2022-03-11 14:01:19	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
d0e0923cf7f97c86b6cde608bc7a0332d03881e598de7b8e41c114d1576e4534	PE32	2022-03-11 14:00:56	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
3850817e83a1cf4195920110bb2995a0386fdaeacbf81e13f52bdb3d124911f5	PE32	2022-03-11 13:04:14	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_getEIP_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/antisb_threatExpert YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/spreading_file YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
b375967d95d53c271d9ec0c53a315f6e6dde924ac64f9e97545ae33a1526495f	PE32	2022-03-11 09:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9ce72a30d4f6edd1f3bb5060bbe9e029a2910b74dcdc18588810716b96816fe4	PE32	2022-03-11 09:00:53	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9954343d321e004ca91d545120342779badff504f07e27144a511640d19a90bf	PE32	2022-03-11 09:00:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6f338c5257bcb275a120e49879e6608dd3291ad7547f353812034990c36fe64c	PE32	2022-03-11 09:00:26	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
03f1e00622393b7d3d9ec6573069642643bfd79a8d39f467e0a8ee335742f096	PE32	2022-03-11 04:01:14	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsConsole YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/network_dropper YRP/win_token YRP/suspicious_packer_section
c254f6c89b101125e36661773c7df253d7c908d72bf0a01d8873fb192ff2e96b	PE32	2022-03-11 02:16:27	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
5066e43e4292c29be5c99b552464ce08f214e519861c7d7f2d39857db7b6bfe0	PE32+	2022-03-11 02:14:26	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__RemoteAPI YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/Check_Debugger YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Winsock2_Library
92d7e2b3ef2b717cf67a79397af62b29c1f5ee94a7b4e935735ee4dc9d2f16e9	PE32+	2022-03-11 02:12:24	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsWindowsGUI YRP/IsPacked [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/antisb_threatExpert YRP/win_mutex YRP/win_files_operation YRP/SHA512_Constants
9f310d020dcac3af90592db796a878d1d8bc1285fc5431e836b9011d316d45c4	PE32	2022-03-10 14:09:21	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
fd27b423af903ced7fb330011ba124b59b60cbdbc64b533132a22ecf983a437d	PE32	2022-03-10 12:02:41	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
2d892b56e76a69ef962a15c7a1ef782d985f67647df2042ae61b6711b3376fbf	PE32	2022-03-10 12:01:00	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
f83ecb4f14af221b78be6670174e22434c65a49586fdbcd65f0b75df529aa947	PE32	2022-03-10 10:07:02	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
01a1bc516376847423c1c746bf012650483bc006a036053b529cdc1b0ec34446	PE32	2022-03-10 09:01:45	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
70e8ad5e62ee2b742b069521615bfaa6ac61833dc927e8ab42bafff9d7952ac0	PE32	2022-03-10 09:01:18	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
d2212cabc4da0107627727c4138a08581480aaf1597b624d8607ee583ac0c33e	PE32	2022-03-10 09:00:55	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
aa487780c861e3475fcbe380b6e70c4f2ba8b5f613d9ce19b8705b6e5f2117db	PE32	2022-03-10 08:01:21	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
8addfca49be443cc1314b8106f31321d875edb1eee58dd404378981a585b3212	PE32	2022-03-10 03:04:43	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
23dd16b43bcdcf1452a955ce9f2e38f76b629b8b1ecb5556c5feec5fc320aa40	PE32	2022-03-10 02:32:04	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
24b305b7fcd686c98bc9d4fbd3694522044755ac765770c3d7c27c2eeb1c01df	PE32	2022-03-10 02:31:34	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/network_tcp_socket YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library
48bfa7dd7d86bd8de84150b06b6704ff84298628a9fd650008b2435e2698ed82	PE32+	2022-03-10 02:04:04	User Submission	YRP/IsPE64 YRP/IsWindowsGUI YRP/domain YRP/contentis_base64 [+] YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/Str_Win32_Winsock2_Library
692c58f7968448bf4940fc8ec41481a37e6684818323af504adbc117a6bc9a24	PE32	2022-03-10 02:01:45	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
8ddb0758d53faee14a362ad086fdf59ed5bb9dcc308f3619f0fe68cb5cf0c5d8	PE32	2022-03-10 00:00:39	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
1d2550887973db494368efe5dcf10ab5c8b4acf0d29ac0236e6e0910328b1d4b	PE32	2022-03-09 16:09:47	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
d076cadb82d3c3e14c11a3a0bbf0f42dfade089175a7afcaa62b9f18b2ca0732	PE32	2022-03-09 15:07:04	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
ca67ebf2b5f829924ad4eb6008250b8afb97c559f79503b98d118f669537df6d	PE32	2022-03-09 15:06:06	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
57d9f65f62b63e02b194c97d66d478f70a75df94abc134d45e02539cbb33d961	PE32	2022-03-09 10:11:16	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
6229f6de17bf83d824249a779b3f2a030cb476133ab8879c0853bab4fdf9c079	PE32	2022-03-09 06:01:40	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/maldoc_getEIP_method_1 [+] YRP/domain YRP/contentis_base64 YRP/WMI_strings YRP/SEH__vectored YRP/antisb_threatExpert YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/spyeye YRP/suspicious_packer_section
40cfa0789dc3f55a42291a2482fafefcedea6eb0a1ecc785f2bad35b7298d019	PE32	2022-03-09 02:13:47	User Submission	YRP/Visual_Cpp_2005_Release_Microsoft YRP/VC8_Microsoft_Corporation YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__GlobalFlags YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/SEH__vectored YRP/Check_Debugger YRP/Check_OutputDebugStringA_iat YRP/DebuggerCheck__MemoryWorkingSet YRP/anti_dbg YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/CRC32c_poly_Constant YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/BASE64_table
4c3645211bdd7ee43ab5cadbc03f4c0c67a8507668f0079a1f9f431318a1f7a8	PE32	2022-03-09 02:06:58	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
4c73afce94a44680428a676d6806429fe1a6d5464166131eae52db59a20ec867	PE32	2022-03-09 02:05:19	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
7709eee447d8366398cbbdd597e38314322209b1b91fbd6644a81c4f3b01928e	PE32	2022-03-09 02:04:52	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
81dd784ad8e4a6924b1b0ee5ebf09d3018e3bda4225f3c89439e8846cf5e09d9	PE32	2022-03-09 00:02:16	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
ce79401a906246017cec719b5a89b228c0589704f04f962de647bbd34e5e1b2d	PE32	2022-03-08 22:01:37	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
3fe717a34c6d7f1235d71888472727be388cacfccf109225f9ea8cbb15506b76	PE32	2022-03-08 19:05:43	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
345a517d13106c67756aa7c69cd530fd28c06914a0635407d325373568094c5d	PE32	2022-03-08 18:05:32	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
6c5c1473f248ed211c9572c991bf30f5a284d350d45a7287bfb40aba8f30aca7	PE32	2022-03-08 18:05:03	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
99acd04fc77abe7829c5fb51638d448efbeb7053aa62aa29412fbc3d1321d569	MS-DOS	2022-03-08 14:02:55	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
436d6d226550ed2e15292a65859fc41cde7cde6b34e83e10dff0518036cd1787	MS-DOS	2022-03-08 13:03:52	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
4bd004047533752383486ead4f6ce67459d38f816d63d110744f0df009b2d022	PE32	2022-03-08 13:01:04	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
da620c65032d49a148b428dab566fed2a1a9af6fb0f53ffc4ea75ae54a2cd6a9	PE32	2022-03-08 11:07:35	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
1c6632f98426b86189fde78f0f529fe42eeb2653412b0003090ae6a42c91d268	PE32	2022-03-08 11:05:48	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
dacb3244a7ab72f942a4f9f18b8f559ef88082e62e88cd147907f452a29f2a2c	PE32	2022-03-08 11:04:58	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
8b5e23b6fec77ca9ef5b22fdbc80ac42d7199c5638b90b45040e0f1038e72b1b	MS-DOS	2022-03-08 10:05:17	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message [+] YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/SEH__vectored YRP/disable_dep YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/migrate_apc YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_hook YRP/CRC32_poly_Constant YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9eb0bdb45d505a24290b3fe9adb1ac5c856238e91358fcf7e6af73d9a1b9c244	PE32	2022-03-08 10:04:53	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
efd04e8f37b1a511e4c723356220d4c07a27a8e8b5a370ea7a7a6b8a5d98ea6b	PE32	2022-03-08 08:02:45	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
08e7899c7946794dd0b738ff2ac0114efd8f2d3a27dfad22a5bd8fc8603748a6	PE32	2022-03-08 07:02:08	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vectored YRP/anti_dbg YRP/win_files_operation
8c5526650d48864f1584fcf74f9c29a77430eb1ffc58d215cb4d4e33c7b7c1f0	PE32+	2022-03-08 06:00:58	User Submission	YRP/IsPE64 YRP/IsConsole YRP/domain YRP/contentis_base64 [+] YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers3 YRP/Str_Win32_Winsock2_Library
7aae8d6047d6635874d9ec315a023918d172e7151f0e191d3c922871a7fffdf4	PE32	2022-03-06 21:04:39	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
795441cb22dd9890feb55a429a83200c4e041f8b5e6a9ea68642d667bd93422b	PE32	2022-03-06 21:04:33	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c1c996b5c3c0c5bc79a8bdc81cce4b677526c1cd356635c5d3ef5d2c4340309	PE32	2022-03-06 21:04:22	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e1a0753e4f6cdc3c0d76bf398e51caf1fc2832e7f2680ef4edfb3c085fcf7ee1	PE32	2022-03-06 21:03:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
17b1ff82f6fdf389b7ad59c0f8f3dd8bb8a0066a10382ac4802faa5c69ba8e32	PE32	2022-03-06 21:03:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e04abe63720769a5c9aed0a9b49990dd78a4cfc9ebaf7abe9a219ac39eba6620	PE32	2022-03-06 21:03:37	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d8b3205d3aca558dba905ea3ae8e8a489010b7aa27d46c2edb79294970688d53	PE32	2022-03-06 21:03:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d897d8221b8eb76d188ff014c0a7000e343def3f3656de106a2332dfb525b10d	PE32	2022-03-06 21:02:59	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f6d31943805f4b5442a1f1b64dac9bf221517e94732975f3b3a9977b1c58b565	PE32	2022-03-06 21:02:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c1bf03b66f471fea058779ece423d80ff9602122a67a0f89b5a506c1881f92b3	PE32	2022-03-06 21:02:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bf3707f3452afea0c36daa35a9b5733c51fbe55bea56fa25403fda296df03404	PE32	2022-03-06 21:02:31	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bb024552fee19d91554c034fc3b95ee5c0f7401887d2fef0f92692614f2292c6	PE32	2022-03-06 21:02:18	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b7f29f65d82ff24a750ea3539590bf3bb1f70748bb9b9ceaa3f6e09ff32a1123	PE32	2022-03-06 21:02:12	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bba47eef1547016da382b82802c5829269393f144c577b8ec8f4fbe870dbc618	PE32	2022-03-06 21:02:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b974d40a94585eaadfc7f64a55de3a2ab4a42adca3e4d39a09092434ae42ef44	PE32	2022-03-06 21:02:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
afaf667854e5e5ab435421d964ed2ff892068f16cdf2338422a977316e740751	PE32	2022-03-06 21:01:54	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b396dcdd2293ab25e4872acfca750da24c0932fae58d417c221246bb68e624a5	PE32	2022-03-06 21:01:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API

Recent Searches
yrp/seh__vectored
yrp/simplepack12build3009method2bagie
yrp/acprotectv135riscosoftwareincanticracksoftware
yrp/passcv_sabre_malware_signing_cert
yrp/passcv_sabre_malware_signing_cert
yrp/passcv_sabre_malware_signing_cert
yrp/passcv_sabre_malware_signing_cert
yrp/passcv_sabre_malware_signing_cert
yrp/passcv_sabre_malware_signing_cert
yrp/passcv_sabre_malware_signing_cert

Search

Recent Searches