MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
e38c9a5d62aec8a807336ef40668f82a9bf764a8102fe464ee7f82041e007bee	MS-DOS	2022-03-20 15:43:56	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ YRP/Borland_Delphi_v40_v50 [+] YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/DebuggerHiding__Thread YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation
a6196179c44372989a82cd3bc60a87262a4bb6a583f6aa38789b4ecafbe5c7b8	PE32	2022-03-20 13:30:34	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/BITS_CLSID YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/create_service YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/MD5_API YRP/VC8_Random YRP/Str_Win32_Winsock2_Library
b207265be3bdb32536b3118e0d94660241988e2f862a0ccaf968d25d86b87a04	PE32+	2022-03-18 12:08:01	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasDebugData [+] YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/cred_local YRP/win_files_operation YRP/BASE64_table
586565cb4c1494c05639e9aed572f8c8a405d1420c4332455fefb6102e81709b	PE32	2022-03-18 03:33:30	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/cred_local YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Http_API
04986ae1cd326891721fcb3f387d355e160d64cc8122421a83d46c687e31a700	PE32	2022-03-18 03:21:20	User Submission	CuckooSandbox/vmdetect YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 [+] YRP/IsWindowsGUI YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/vmdetect YRP/anti_dbg YRP/antisb_threatExpert YRP/escalate_priv YRP/cred_local YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Http_API
4fe176f85b036689ea4ae020eec0f0d22a919c56fc11251bc4dda8db84c2227f	PE32+	2022-03-17 03:05:14	User Submission	YRP/IsPE64 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
b01b44fde46c2bb65505a01b69e292fbbc885be2b440f6a2ee107a70fde41a7d	PE32	2022-03-16 15:03:24	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_find_kernel32_base_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
023b8023103c7552edd26f2f822f07dfdddb3e45bc6f512e22a994dfcc7e0b37	PE32	2022-03-15 15:01:26	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
bf508f1f751f03db787231a869c9a551ab64005622f829ef67419ef4fdce15a3	PE32	2022-03-14 18:00:42	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
cbd5ba84136ff83739824fe2a388e9c423be6ed481f27ffb0e7a54e61bb289fe	PE32	2022-03-14 13:01:48	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
afdc3d72032d56d1fab0c0ef624b2cc52abc7212cc8a7260a9e410ec948fd92e	PE32	2022-03-14 06:10:17	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
d0d48466650f533777e9a2834da5fb89c03a16a10eab9baa654f8c9ec2495f4a	PE32	2022-03-14 06:09:59	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
d0c8ca7027639de3cdf9c1cfdfffed28408fef63e82ef0127eb880c0e6418a35	PE32	2022-03-14 06:09:28	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
ef123b275c6c1ae3da6baf24bc82448d9d1751916d9a5a60fd9ef2d2aca6a03b	PE32	2022-03-13 12:04:00	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
ef08526902fa73204f426e911d40109f9f764cc1cb76bddc818794e26588a618	PE32	2022-03-13 12:03:27	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
eef71f71558c00b5c16211b4b937208969c4e460d763015f614c3cda1db7bfba	PE32	2022-03-13 12:02:36	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
a008145eba9cc559734176bea65115f4fa4056e0e2fe07f3f23e2c81571a1957	PE32	2022-03-13 03:21:02	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/cred_local YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Http_API
8a24fe0774a718159bb47c3dcb362fac92a93c968ba44acaed675187debc9e35	PE32	2022-03-12 13:09:47	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/disable_antivirus YRP/inject_thread YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/universal_1337_stealer_serveur
8cfe64df3207a00e7b0391008bdb1168fce52bfbc526bfeed3643f7fed5fdebc	PE32	2022-03-12 12:02:09	User Submission	YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE [+] YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
8c26a138a881f2e30921286ff7400d836354939df972f859e01195beca9c37e8	PE32	2022-03-12 12:01:50	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
8ecdc850c1a5fdcd9a8f09ab0d9fc1a94a9baa34c18759114c1ddd92b0195348	PE32	2022-03-12 10:03:14	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
964f6d743f4f586a2327a6acb0c853dc80a57ba24d2307e94944031f0f116a01	PE32	2022-03-12 09:06:39	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9cd8de4810e255248cfd54cd192aeb344d9ca721f0e6738e310618e4ea7b45dc	PE32	2022-03-12 06:07:02	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9c4c931a4be0e98184f29a622c48bc5f609bbd5de5bec59f2ef50f5ec2947a6d	PE32	2022-03-12 06:04:55	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9ca155bf331e24433c00be0b8f5d4ac8bb7196336a8d101ac8a23a88ef1bd04d	PE32	2022-03-12 06:03:24	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
a04e11ea7a755de0f010ce32f114d162763d6be1c2468b0dcd1d7e656cbe3c45	PE32	2022-03-12 05:06:56	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_Studio_NET_additional YRP/NET_executable_ YRP/NET_executable [+] YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
9fdee253615a43dd21e0b3865650112f728bd9bc54aa47304ade2cfd84ca4773	PE32	2022-03-12 05:03:40	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/borland_delphi YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/Str_Win32_Wininet_Library YRP/with_sqlite
a3e86c092e6b40385537b56b5b7f5eeeb80156b1be3530bf400f2c249d3ecbcb	PE32	2022-03-12 04:01:31	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
609c1c6c54ea84d720c261a858e4177d02f120211af7be8d74626f972f6d32af	PE32	2022-03-12 03:11:17	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/cred_local YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Http_API YRP/suspicious_packer_section
b02c5d80464a5f6ce8075309e8dcc16582f68be8c5b594c3a2c97ee5fcfdc8ca	PE32	2022-03-12 00:03:43	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
affd66995d965965ccca7329621cecc01db591a8d9c4e6b8f03e0e2920c32f2e	PE32	2022-03-12 00:01:46	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
3e57b4ae2d4ec6a478260c47698e3ad8d7e706f67725cacdac0610f49e919012	PE32	2022-03-11 07:02:07	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/domain YRP/IP YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/anti_dbg YRP/disable_dep YRP/network_smtp_dotNet YRP/cred_local
688586f16916bfe7d5b86c186e07c3afbba19b4abac116bf2b8017de2201579a	PE32	2022-03-11 01:10:35	User Submission	YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_smtp_dotNet YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
4d7e28754d5142f3361d1543bc2f1ddbee2d46d71dc480dffef87bebae6a48ae	PE32	2022-03-10 22:04:30	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
575660f0016e21d6611057a6f86bbc5ab34f866e329fdfe32dd3295231b5e39a	PE32	2022-03-10 18:00:22	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/network_smtp_dotNet YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
d7bad9d7888f9e5fe48953aa500efee2df2936ec411f08f36523b25d50990b42	PE32	2022-03-10 17:00:35	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/PredatorPain YRP/with_sqlite FlorianRoth/RAT_PredatorPain
3a85d02695c8ec33750b5754a1beb81276ab9cd6afd91f38af67444a8a4509de	PE32	2022-03-10 11:11:22	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Http_API
68911b53f55ca2c7ec67c93f9b9a50e17796743910f19c4e4c6fd1eb18d0be04	PE32	2022-03-10 05:02:10	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/network_ftp YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/with_sqlite
6be42b803f6df9a6520608ac4b4c91437ccf640c42c37650e83f864ceb48950b	PE32	2022-03-10 04:01:12	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETDLLMicrosoft YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/inject_thread YRP/network_smtp_dotNet YRP/network_dns YRP/screenshot YRP/keylogger YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/HawkEye YRP/with_sqlite FlorianRoth/RAT_HawkEye KevTheHermit/HawkEye
d1d970daede17d99eb316edc61d92e6e45e58a823c21ceb2eb240c551771824d	PE32	2022-03-09 03:10:49	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API
f972fd2342069413c8f1276f29448bd163aa6c11dd229c1b4369c3f685018026	PE32	2022-03-09 03:05:41	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/cred_local YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Http_API
58128c6913cad7d9fb2823171c7973a24286fd293d0049cdd641eaf3397a5477	PE32	2022-03-08 19:01:36	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/ProtectSharewareV11eCompservCMS YRP/IsPE32 YRP/IsWindowsGUI YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/SEH__vba YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/DES_Long YRP/DES_sbox YRP/with_sqlite
a67febdff37301c3c7f64e660d77f3943bf4d966813d93d1e29838c21866609b	MS-DOS	2022-03-08 12:02:38	User Submission	YRP/Visual_Cpp_2003_EXE_Microsoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_Long YRP/DES_sbox YRP/Str_Win32_Wininet_Library YRP/with_sqlite
b74c6ae445f48ca157681d589a4ab3754de12ac3b6eff54334f81d91e3931905	PE32	2022-03-08 09:04:10	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasRichSignature YRP/domain YRP/IP YRP/contentis_base64 YRP/SEH__vba YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_private_profile YRP/MD5_Constants YRP/Str_Win32_Internet_API YRP/UPX YRP/suspicious_packer_section
b664561ccafa3d890c21c4f6a6c17a84bf4d609aee0cb2a548f217890b1dfc2d	PE32	2022-03-08 09:00:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/url YRP/contentis_base64 YRP/SEH__vba YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_private_profile YRP/MD5_Constants YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/UPX YRP/suspicious_packer_section
ad46c43f01e2955acc4ff40dc1245382629e8eaf5319ef34fa7dde69625962ed	PE32+	2022-03-08 03:34:10	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/WMI_strings YRP/anti_dbg YRP/cred_local YRP/win_registry YRP/win_token YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library
a207c8bb534a7640ed5fea46f8568a2dba1e69f9752fe2396a04a6f9ce97feb1	PE32	2022-03-07 08:00:48	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/cred_local
b10b281657374560f6efc7464d0d16beab887199e0fcc1949050e141f9aa4bfa	PE32	2022-03-06 18:03:08	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox
ad8b5310e38bf02a0b3ee22ae742c618ecd2c82a5d023a266433bc84aaa94771	PE32	2022-03-06 18:01:08	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox
de24f9ba5d0f90be31f6d104e4145dcc84f5d1461ad1a0e7ccc03fbff364be87	PE32	2022-03-06 16:00:16	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/screenshot YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/DES_sbox
f0f426d9aa1c7f72de74d9b43460d71e83299ca3789be97a4e5c12ebf5dd2695	PE32	2022-03-06 15:01:49	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/contentis_base64 YRP/SEH__vba YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_private_profile YRP/Str_Win32_Internet_API YRP/UPX YRP/suspicious_packer_section
a5c18a8ba9f44789611b8f2a9f2caaf30bd7d2298505695a8e5f9ff896bf096a	PE32+	2022-03-03 09:01:05	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/inject_thread YRP/create_service YRP/network_dns YRP/cred_local YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/Crypt32_CryptBinaryToString_API YRP/MD5_API YRP/DES_Long YRP/Powerkatz_DLL_Generic YRP/with_sqlite FlorianRoth/Powerkatz_DLL_Generic
8a3360da4e3babda1eff6ca5bbbcaa13a5eead5db8addb77a955a9e91dd8a655	PE32	2022-03-03 03:37:48	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/IsPacked YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Check_OutputDebugStringA_iat YRP/anti_dbg YRP/cred_local YRP/cred_ie7 YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Http_API
0a3848c684514ce75c4ef57a3059eb0601630c3d28317c0eacfd3fc239351ec9	PE32	2022-03-02 21:03:49	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/BITS_CLSID YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
38b5d2718461d4650b5bcd2a0ee6f974f2e03bc89e7b77ea1d0034d39352e7ca	PE32+	2022-03-02 08:01:58	User Submission	CuckooSandbox/vmdetect YRP/IsPE64 YRP/IsDLL YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VMWare_Detection YRP/Misc_Suspicious_Strings YRP/vmdetect YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/android_meterpreter YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Big_Numbers4 YRP/CRC16_table YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API
e61b5c665623a344607d6931c8cfc28861b383b203a32d8f4ffa458e5e5f4139	PE32+	2022-02-28 03:21:19	User Submission	YRP/IsPE64 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/url YRP/contentis_base64 YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/win_registry YRP/win_token YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers3 YRP/BASE64_table YRP/Str_Win32_Winsock2_Library
9fbe995283a7e8178836cf2fc61bb744a62dc4d08667a9d0176ad4e8f7304036	PE32	2022-02-27 10:01:47	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/maldoc_find_kernel32_base_method_1 YRP/domain [+] YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
721218274710651d24d955ce506f58c56f959a0ab02f1d4691b29668f8fe9fa4	PE32	2022-02-25 16:40:15	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/WMI_strings YRP/DebuggerHiding__Thread YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/UPX YRP/suspicious_packer_section
67c9a22925b7e65d252f68ec847ffecc4dd5dbd6962178e5a45a37425590ce40	PE32	2022-02-25 16:29:47	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/cred_local YRP/win_mutex YRP/win_registry YRP/android_meterpreter YRP/CRC32_poly_Constant YRP/CRC32_table
8af07c6507f8f595b84c47dd1780b3321b3ca0342c0aa353e74dd189678b83c1	PE32	2022-02-25 16:16:38	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_http YRP/network_dga YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f1ed4402f09d56632dba86e810f61ba9e657b109d64a2a0961e2e21e4a11e287	PE32	2022-02-25 15:23:04	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/network_http YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
0817e7b8d4b16dc109339591ba6e227f755a85fb64ce3987e335adc0142196a2	PE32	2022-02-25 15:19:46	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/create_service YRP/network_http YRP/network_dropper YRP/network_dga YRP/escalate_priv YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
51a5ee108835b7118f36f9d2636d0ed07ffd7622a48854489656788377f8fb97	PE32	2022-02-25 15:07:04	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_tcp_socket YRP/escalate_priv YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
820eae82972266aaa8d0b446b60c2f7ae6024f02fc8f1dc854bc0818cd48bb49	PE32	2022-02-25 14:37:49	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Internet_API YRP/UPX YRP/suspicious_packer_section
9b4d1adf6e2fb6ebf0f626f4e146e84a3cbc39039115fd70b95826557e64baa1	PE32	2022-02-25 14:35:42	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_tcp_listen YRP/network_http YRP/network_ftp YRP/network_tcp_socket YRP/screenshot YRP/cred_local YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
3b1bee064b47d549a7e5860958f9c545146e263f950e132637453a61ba886f2b	PE32	2022-02-25 14:15:16	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/DebuggerHiding__Active YRP/SEH__vba YRP/anti_dbg YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/keylogger YRP/cred_local YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
072ab44cd5ffd58c7cd5aaa5c03e3bf322f2b02c6248acabd070c8205d27a602	PE32	2022-02-25 13:42:09	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_http YRP/network_ftp YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
0a36c28b29314286fb6c9389575cdd0856880206c674b29fce8a5fb5319e1f3d	PE32	2022-02-25 12:28:10	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/network_http YRP/escalate_priv YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c8de44ab957ebec664b5e741d86718d3bde04d098cf50d9d272bd36c55c0233b	PE32	2022-02-25 12:24:37	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/WMI_strings YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
fc02e521ccfeff9b717e0339a42abee47b7c87d3070161014592fdf100f831ba	PE32	2022-02-25 12:02:38	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDebugData [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/contentis_base64 YRP/anti_dbg YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers3 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/Str_Win32_Http_API
4ee0c985071d845d1c351ee39d36839e8e676f8a3ee2f372f39fe0dbe01db0b3	PE32	2022-02-25 11:57:29	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/BITS_CLSID YRP/DebuggerCheck__QueryInfo YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_tcp_listen YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Http_API YRP/suspicious_packer_section
347b4974f88757e26ae93c48f3690b32ec1cb854c238162d917a33db87d9ff99	PE32	2022-02-25 11:21:36	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/UPX YRP/suspicious_packer_section
6d54ef759cbcc73312b8e8f7a9e943832d4fd7a0af142193068f908805342b47	PE32	2022-02-25 11:02:38	User Submission	YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/cred_local YRP/cred_ff YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/DES_sbox YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/with_sqlite YRP/pony BAMFDetect/pony
7540b6dc4973cb10b06080a334e907126c066b740c12fb8ee3268b66732ec456	PE32	2022-02-25 10:59:43	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/DebuggerHiding__Active YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_dropper YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/BASE64_table YRP/GlassesCode YRP/Glasses
e8b0681e594f2b045e26c849c80b15ea318cd9cc0491ec6ee1156e309e0e6a30	PE32	2022-02-25 10:54:14	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table
9272094e580a8dc75a165342f989b2724c5867a3d75a38263f8d966d25c2f652	PE32	2022-02-25 10:30:59	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation
b4867c9befcedf67b3a96b0e4a4cd7ae0699bb592a896490e02a62d8d544c332	PE32	2022-02-25 10:02:14	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/network_http YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/suspicious_packer_section
f1f9d532055eaaace542995e38b5ed547697a8b26d86e315ef72bd548ac4f039	PE32	2022-02-25 09:52:02	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/UPX YRP/suspicious_packer_section
4c5453e52b17b858b444129b18b372f32f045b209983fa95574f7f9c26ab1e47	PE32	2022-02-25 09:43:13	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers0 YRP/BASE64_table YRP/GlassesCode YRP/Glasses YRP/UPX YRP/suspicious_packer_section
667636ad4a3d0a0306893803cf14a4e9423645cc5dfae717bcd2294a910befb2	PE32	2022-02-25 09:20:42	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
59ece7088b4cfc48216599f9733a2c9be929cced174848b36d5af4889f43d6b1	PE32	2022-02-25 09:13:29	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
d2a5470834c169ca104dbe24bf2aed24f13696d8141dfd58cc52712fb56a7969	PE32	2022-02-25 08:39:04	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/DebuggerHiding__Active YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/BASE64_table YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
781b4fca03d6bfe1118085946bc6deb05e1e9d2b5f4937c069a2120ebe0ecb42	PE32	2022-02-25 08:03:37	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/DebuggerHiding__Active YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/disable_dep YRP/network_dropper YRP/network_tcp_socket YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32b_poly_Constant YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section
34b74cde5c012175d6eafdc91960a7b1c4fac0d6f82414a17a622c0a91fed2cd	PE32	2022-02-25 07:46:50	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_tcp_listen YRP/network_http YRP/network_dropper YRP/network_tcp_socket YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
09adeb4dc5e87928a1b34f4b71af2195b9051c382f695a81a0b85e198ac43980	PE32	2022-02-25 07:26:54	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_http YRP/network_dga YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/suspicious_packer_section
60ed7df9774ec874beb7ef8f6e5ffe32e46b207045c138d1d5ceb53c27c68678	PE32	2022-02-25 06:52:44	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/Dropper_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/network_http YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
8d4598449c5f17552bc824a7797d6d43f103bdae117d769c9c329aed9e8142d8	PE32	2022-02-25 06:43:52	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_registry YRP/win_files_operation YRP/UPX YRP/suspicious_packer_section
152bb662c20a2ccb3661e5bb37695c1cc7fed149b0fde36cb40391f8733bcf2e	PE32	2022-02-25 06:30:35	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Thread YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Prime_Constants_char YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Http_API
38cc115d4ed1c94c07bb861866cc7f94ae2e0a0606f2e7ad3e62ba68e4241709	PE32	2022-02-25 06:11:27	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Dropper_Strings YRP/BITS_CLSID YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/disable_dep YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/CRC32_poly_Constant YRP/CRC32_table YRP/VC8_Random YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/UPX YRP/suspicious_packer_section
e694731d48a8f1f46a4da4a3732718132934b00a5018895b1ad45ecee180a747	PE32	2022-02-25 05:34:29	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/WMI_strings YRP/DebuggerException__SetConsoleCtrl YRP/SEH__vba YRP/anti_dbg YRP/antisb_threatExpert YRP/inject_thread YRP/network_dropper YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
24401fbcc7ecd913c7ed4340a125454443a8de23bf73279794ac98c5313e6750	PE32	2022-02-25 05:28:11	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/AutoIt YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/WMI_strings YRP/SEH__vba YRP/anti_dbg YRP/cred_local YRP/spreading_file YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Advapi_Hash_API YRP/MD5_Constants
0b9d4ce8fee4debdd5210fef8cc107c868c58e7b8c56567309759d856c5c5406	PE32	2022-02-25 05:21:32	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/escalate_priv YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/BASE64_table YRP/UPX YRP/suspicious_packer_section
ea62474f02c209be38e68b3d38c5319b063cd3ced0b44a4f84c9f923546d2f73	PE32	2022-02-25 03:50:37	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook
672e2aa4bd0ca205fc9515005aad6081f74f4068c0914267d88c730659e76852	PE32	2022-02-25 03:44:12	User Submission	YRP/VC8_Microsoft_Corporation YRP/Microsoft_Visual_Cpp_8 YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasDigitalSignature YRP/HasDebugData YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/anti_dbg YRP/network_tcp_socket YRP/network_dns YRP/cred_local YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/Str_Win32_Winsock2_Library
ce70aca1723473df6afec17288746778eb4afea80f77d186095880a56ec448e8	PE32	2022-02-25 03:43:26	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 [+] YRP/Microsoft_Visual_Basic_v50_additional YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/vmdetect YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/win_hook YRP/android_meterpreter YRP/Big_Numbers1 YRP/Advapi_Hash_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/BASE64_table YRP/suspicious_packer_section
12a7b72abb2ae5c927a25b29275209d0fa65a80526cf8d47a0c48e284470873b	PE32	2022-02-25 03:27:43	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Browsers YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/screenshot YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/Big_Numbers0 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/Str_Win32_Wininet_Library YRP/UPX YRP/suspicious_packer_section
dc56835ad31768903f370045b2daaab6d0cac9849e8bc83a4e6624264b94c150	PE32	2022-02-25 02:08:53	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/anti_dbg YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API YRP/UPX YRP/with_sqlite YRP/suspicious_packer_section
7b506a347520931978fd5c8e9eca6048e95223ad7263506bbcb8661f6e102b80	PE32	2022-02-25 02:03:48	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/Misc_Suspicious_Strings YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Prime_Constants_char YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants
ff763ef37a430118858035b11656f1921aad05b2a09ff03b9eba3b0e6527d2fb	PE32	2022-02-25 01:51:27	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/DebuggerHiding__Active YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_tcp_listen YRP/network_http YRP/network_tcp_socket YRP/network_dga YRP/screenshot YRP/cred_local YRP/spreading_share YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/BASE64_table YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6dfc0613fde11a1e2dff92a51e5c5d7be50887bca960f8849956a38e278ff2f7	PE32	2022-02-25 01:34:00	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Antivirus YRP/SEH__vba YRP/anti_dbg YRP/screenshot YRP/keylogger YRP/cred_local YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/win_hook

Recent Searches
yrp/cred_local
yrp/debuggercheck__remoteapi
yrp/sc_obfuscator_supercracker
yrp/sc_obfuscator_supercracker_additional
yrp/eqgrp_screamingplow
yrp/unnamed_scrambler_21beta_211_p0ke
yrp/apt1_webc2_clover
yrp/webshell_getpostphp
yrp/peprotectv09
yrp/netopsystems_fead_optimizer_1

Search

Recent Searches