MalShare

SHA256 Hash	File type	Added	Source	Yara Hits
a1a6b41cbc52ea2cefae886349924a271a08dc91560eb3c1be2b49c6f9643d22	PE32+	2022-03-20 13:19:58	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/MinGW_1 YRP/domain YRP/contentis_base64 YRP/DebuggerCheck__QueryInfo YRP/inject_thread YRP/spyeye
7a96c5a32badb9650faa842922ad545b7336a676f033e724c1bed574a7c9a960	PE32	2022-03-17 01:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c49f98d3516edf56c996c2da5f095a0b97df772a558bb2e9d5a5d4355adab05	PE32	2022-03-16 22:03:11	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
67eff1dc0836f810382eff5ae6c3b92751dc1b11fc42481a0c66644efb470156	PE32	2022-03-16 10:00:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
7bea797e233b6f2885014e7806778a5a5bb20773458b6ff92c2aae058e808020	PE32	2022-03-14 19:02:18	User Submission	CuckooSandbox/vmdetect YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/MinGW_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/System_Tools YRP/VMWare_Detection YRP/Sandboxie_Detection YRP/Dropper_Strings YRP/ThreadControl__Context YRP/vmdetect YRP/antisb_sandboxie YRP/Big_Numbers1 YRP/spyeye YRP/XtremeRATStrings YRP/XtremeRAT
60ab7f54c76f71321e37d8004821868115e3356a828bb1d3622e1efebaad6abe	PE32	2022-03-14 06:10:22	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/MinGW_1 [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/ThreadControl__Context YRP/win_mutex YRP/spyeye
8a24fe0774a718159bb47c3dcb362fac92a93c968ba44acaed675187debc9e35	PE32	2022-03-12 13:09:47	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/VM_Generic_Detection YRP/DebuggerCheck__QueryInfo YRP/SEH__vba YRP/disable_antivirus YRP/inject_thread YRP/network_dropper YRP/network_ftp YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/screenshot YRP/cred_local YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/BLOWFISH_Constants YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/SHA512_Constants YRP/DES_sbox YRP/RijnDael_AES YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/universal_1337_stealer_serveur
b375967d95d53c271d9ec0c53a315f6e6dde924ac64f9e97545ae33a1526495f	PE32	2022-03-11 10:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9ce72a30d4f6edd1f3bb5060bbe9e029a2910b74dcdc18588810716b96816fe4	PE32	2022-03-11 10:00:53	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9954343d321e004ca91d545120342779badff504f07e27144a511640d19a90bf	PE32	2022-03-11 10:00:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6f338c5257bcb275a120e49879e6608dd3291ad7547f353812034990c36fe64c	PE32	2022-03-11 10:00:26	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
6229f6de17bf83d824249a779b3f2a030cb476133ab8879c0853bab4fdf9c079	PE32	2022-03-09 07:01:40	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/maldoc_getEIP_method_1 [+] YRP/domain YRP/contentis_base64 YRP/WMI_strings YRP/SEH__vectored YRP/antisb_threatExpert YRP/win_mutex YRP/win_registry YRP/win_files_operation YRP/android_meterpreter YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/spyeye YRP/suspicious_packer_section
93a20257f14097f4b3bf8267c5ac8a5ef0cfececcfcac337b9c5c49fa49f44ab	PE32	2022-03-06 23:01:25	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay [+] YRP/maldoc_getEIP_method_1 YRP/domain YRP/contentis_base64 YRP/spyeye
7aae8d6047d6635874d9ec315a023918d172e7151f0e191d3c922871a7fffdf4	PE32	2022-03-06 22:04:39	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
795441cb22dd9890feb55a429a83200c4e041f8b5e6a9ea68642d667bd93422b	PE32	2022-03-06 22:04:33	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c1c996b5c3c0c5bc79a8bdc81cce4b677526c1cd356635c5d3ef5d2c4340309	PE32	2022-03-06 22:04:22	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e1a0753e4f6cdc3c0d76bf398e51caf1fc2832e7f2680ef4edfb3c085fcf7ee1	PE32	2022-03-06 22:03:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
17b1ff82f6fdf389b7ad59c0f8f3dd8bb8a0066a10382ac4802faa5c69ba8e32	PE32	2022-03-06 22:03:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
e04abe63720769a5c9aed0a9b49990dd78a4cfc9ebaf7abe9a219ac39eba6620	PE32	2022-03-06 22:03:37	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d8b3205d3aca558dba905ea3ae8e8a489010b7aa27d46c2edb79294970688d53	PE32	2022-03-06 22:03:20	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
d897d8221b8eb76d188ff014c0a7000e343def3f3656de106a2332dfb525b10d	PE32	2022-03-06 22:02:59	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f6d31943805f4b5442a1f1b64dac9bf221517e94732975f3b3a9977b1c58b565	PE32	2022-03-06 22:02:52	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
c1bf03b66f471fea058779ece423d80ff9602122a67a0f89b5a506c1881f92b3	PE32	2022-03-06 22:02:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bf3707f3452afea0c36daa35a9b5733c51fbe55bea56fa25403fda296df03404	PE32	2022-03-06 22:02:31	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bb024552fee19d91554c034fc3b95ee5c0f7401887d2fef0f92692614f2292c6	PE32	2022-03-06 22:02:18	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b7f29f65d82ff24a750ea3539590bf3bb1f70748bb9b9ceaa3f6e09ff32a1123	PE32	2022-03-06 22:02:12	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
bba47eef1547016da382b82802c5829269393f144c577b8ec8f4fbe870dbc618	PE32	2022-03-06 22:02:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b974d40a94585eaadfc7f64a55de3a2ab4a42adca3e4d39a09092434ae42ef44	PE32	2022-03-06 22:02:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
afaf667854e5e5ab435421d964ed2ff892068f16cdf2338422a977316e740751	PE32	2022-03-06 22:01:54	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
b396dcdd2293ab25e4872acfca750da24c0932fae58d417c221246bb68e624a5	PE32	2022-03-06 22:01:46	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
ae959ec221035442e7391bdadcd326a02a1117c00baedbfde9cab31b23f6efdf	PE32	2022-03-06 22:01:41	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
a7b7e1c7ad47732718161378ea12e56fd30463ffe63bbde6e4b89262fe72e87c	PE32	2022-03-06 22:01:27	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9fabe904c834ce18def4f058cd5c04367db9cc3714963eca1afd27992eac3101	PE32	2022-03-06 22:01:21	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5c93a4ec7b5f9ba28d3c86b53f1766f5445ecb9b17dc39091046b04e55d9083a	PE32	2022-03-06 22:01:13	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5a6c12a58a90a144d69916c776baeffdbe446f963322d0b1c060c40015bbbc74	PE32	2022-03-06 22:01:07	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
5339ed1ce76d0c89e3800cc10e6049164770870c046d23d2b626a5a3e8c4ae8d	PE32	2022-03-06 22:01:01	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
9a7654ccf7e364dee40625a625f28fd5074fb89af80292a2cc041fb304bfc9a8	PE32	2022-03-06 22:00:55	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
52a7b69c291f1fc198f0585371d35e6d013126ec8bf8416ff19dec0df5abb794	PE32	2022-03-06 22:00:48	User Submission	CuckooSandbox/vmdetect YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/IsPE32 YRP/IsWindowsGUI [+] YRP/HasOverlay YRP/HasRichSignature YRP/maldoc_find_kernel32_base_method_1 YRP/maldoc_getEIP_method_1 YRP/domain YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Browsers YRP/VM_Generic_Detection YRP/VMWare_Detection YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/SEH__vectored YRP/vmdetect YRP/Check_FindWindowA_iat YRP/anti_dbg YRP/anti_dbgtools YRP/antisb_threatExpert YRP/antivm_bios YRP/inject_thread YRP/network_http YRP/network_tcp_socket YRP/network_dns YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/Big_Numbers0 YRP/Big_Numbers1 YRP/Big_Numbers5 YRP/Prime_Constants_long YRP/CRC32_poly_Constant YRP/CRC32_table YRP/DES_sbox YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
f32c5f58e112994b8813cbcf2c07c7452be85e6f1b4a671d4d66d6b3fd3735d1	PE32	2022-03-06 11:01:20	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye YRP/suspicious_packer_section
ccd2eba2514441e8ffa274669efac346f7bb620775ee64e48c27d4061486fe75	PE32	2022-03-05 03:30:24	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature [+] YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Misc_Suspicious_Strings YRP/spyeye
d023f36a47d4d81491c3ffc7192669199441d7388c159f59414b3b5f137c519a	PE32+	2022-02-27 13:01:24	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/ThreadControl__Context YRP/network_tcp_listen YRP/network_tcp_socket YRP/win_mutex YRP/spyeye YRP/Str_Win32_Winsock2_Library
5271f59f0983382ac3e615265a904d044f8e3825c3d60b3d39a6e9a14bb3e780	PE32	2022-02-26 20:00:15	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/domain [+] YRP/url YRP/contentis_base64 YRP/spyeye
8b40a81c7b1c443171c89d26a2b3ed3a9a47c16760a51a12a1ab0414d3dfc5b8	PE32	2022-02-25 16:35:45	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
dfe6ba27f4aee551caa15609b5a358a7b3ec69dfc5aa4311eb64733b5e1d5354	PE32	2022-02-25 06:04:23	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
47b64fb5b20967193f0c522d0106b7c6b6378bf62673301e05763effa80576e4	PE32	2022-02-25 05:10:43	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
e6f18b667446a3b144d5d77e622fa88df11b97332d90656dc02abb4700437dcb	PE32	2022-02-24 21:38:12	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
665797e2a43cb3a88709b4b6dd094d3011049ad6db448688ce8e799dff3d0bee	PE32+	2022-02-24 21:23:50	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/domain YRP/contentis_base64 YRP/spyeye
cb98646b9ef2c7adde66abc60f6c7ef05dbd70cd87b23f86c7b433e9c50772bb	PE32	2022-02-24 19:28:48	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye YRP/fin7_functions FlorianRoth/Msfpayloads_msf_10
8b0c7ca739454ba175893c596e2f17f1e8b08b60b1b94bf873eef7ed95367a9c	PE32	2022-02-24 17:56:44	User Submission	YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional YRP/MinGW_GCC_3x [+] YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/spyeye
7605a277c011c8cf5406ef4dbf573b799c7866c58cf3b3b361dde4be56839862	PE32	2022-02-24 17:48:04	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/MinGWGCC3x YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
01d3fa190a20a9490eada25a39dbd39bb3ec45ef9f8818e59dc6ad95e266ef54	PE32	2022-02-24 17:31:46	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/MinGWGCC3x YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
82453ea30ef5372b3ebeebd92a4a91852e4b614ab87704578e648d003236c8f6	PE32	2022-02-24 14:06:01	User Submission	YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/domain [+] YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_tcp_listen YRP/network_tcp_socket YRP/screenshot YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_private_profile YRP/win_files_operation YRP/CRC32_poly_Constant YRP/CRC32_table YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/UPX YRP/suspicious_packer_section
affa5a2a028c1c09a429a191bd33cdf2154ff8d34bc9109b01d1ddaeab08fde6	PE32	2022-02-24 13:37:30	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
f686fb52b1439e2b07acd205d7a829e4c516d844347cb70e3d667c82094e959d	PE32	2022-02-24 12:56:01	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
a7aa011afb74bc0a72bc993e3f23ed0dfc6e7cbccedab3c72de35671a940be28	PE32	2022-02-24 12:29:25	User Submission	YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional YRP/MinGW_GCC_3x [+] YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
a56686fc589b22abaaee3738d59d8724bdc193e02408e2937e1c0e7ed19f1720	MS-DOS	2022-02-24 11:26:15	User Submission	YRP/Borland_Delphi_40_additional YRP/Microsoft_Visual_Cpp_v50v60_MFC YRP/Borland_Delphi_30_additional YRP/Borland_Delphi_30_ [+] YRP/Borland_Delphi_Setup_Module YRP/Borland_Delphi_40 YRP/Borland_Delphi_v40_v50 YRP/BobSoft_Mini_Delphi_BoB_BobSoft_additional YRP/Borland_Delphi_v30 YRP/Borland_Delphi_DLL YRP/Borland YRP/NETexecutableMicrosoft YRP/BobSoftMiniDelphiBoBBobSoft YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasModified_DOS_Message YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/System_Tools YRP/Antivirus YRP/Dropper_Strings YRP/WMI_strings YRP/Misc_Suspicious_Strings YRP/DebuggerException__SetConsoleCtrl YRP/anti_dbg YRP/network_udp_sock YRP/network_tcp_listen YRP/network_tcp_socket YRP/network_dns YRP/escalate_priv YRP/keylogger YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_files_operation YRP/Big_Numbers1 YRP/BASE64_table YRP/Delphi_Random YRP/Delphi_CompareCall YRP/Delphi_Copy YRP/spyeye YRP/Str_Win32_Winsock2_Library YRP/Str_Win32_Wininet_Library YRP/suspicious_packer_section YRP/IMPLANT_4_v3_AlternativeRule FlorianRoth/IMPLANT_4_v3_AlternativeRule
6c05c532ea6b033009987023903320a74b5a89a0d3f766c957c2e3c22726fe7c	PE32	2022-02-24 11:21:03	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/MinGWGCC3x YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
65e9b476cfeadec3f2e02df19349b7ee5daacb0cf94774c9d35ec3bd286f2c5a	PE32	2022-02-24 08:37:07	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
a281a59e1dc43eebce66d9219c6c3386e3c75dcc68596539091be2c6ae234a24	PE32	2022-02-24 06:41:05	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
d8939bf7d2662be6ec32bd5cbe9cf7e3ce5e70a0bb8746e682964a84bbd6ba0e	PE32	2022-02-24 04:56:20	User Submission	YRP/Microsoft_Visual_Basic_v50v60 YRP/Microsoft_Visual_Basic_v50 YRP/Microsoft_Visual_Basic_v50_v60 YRP/Microsoft_Visual_Basic_v50_additional [+] YRP/Microsoft_Visual_Basic_v50v60_additional YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/HasDigitalSignature YRP/HasRichSignature YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerHiding__Active YRP/SEH__vba YRP/anti_dbg YRP/disable_dep YRP/network_http YRP/network_dga YRP/escalate_priv YRP/screenshot YRP/win_mutex YRP/win_registry YRP/win_token YRP/win_private_profile YRP/win_files_operation YRP/win_hook YRP/Big_Numbers1 YRP/Prime_Constants_char YRP/Crypt32_CryptBinaryToString_API YRP/CRC32_poly_Constant YRP/CRC32_table YRP/MD5_Constants YRP/RIPEMD160_Constants YRP/SHA1_Constants YRP/BASE64_table YRP/spyeye YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API YRP/Str_Win32_Http_API
8a815a73dd6fbcad9e1dd70d8c7a1d930000c78e04786a968062ef2c3e390240	PE32	2022-02-24 02:33:03	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
b2954669ee9a605751babdc53e615a8dc535576fe4b75bfa9d57e17eda9cb902	PE32	2022-02-24 02:31:32	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
96273a534a4ae0f111701b94054bbfcf8c3aa02c5aae71d0aafd560d382945cb	PE32	2022-02-24 02:12:43	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
cea30f44e2d8cb5c8d30a493fbe1c1647219d45ed45327bd0568266d1283740b	PE32	2022-02-24 01:50:57	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
b84931a2be3a038b723d30ae9eb6fe27b4965f0731d5993f7ba1e358ee62229e	PE32	2022-02-24 01:20:20	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
23d8ac0313f73fbc0f66fcf87fbb2619037879a47cdc3395543862dc4fc2fe27	PE32	2022-02-23 22:22:48	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/spyeye
61f4bdbc2c2ee7896eb9a7c6d021475ed31198458e64cd00b225f7c0e14637a9	PE32	2022-02-23 21:55:41	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasDebugData YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/DebuggerCheck__QueryInfo YRP/DebuggerCheck__RemoteAPI YRP/DebuggerHiding__Thread YRP/DebuggerHiding__Active YRP/DebuggerException__ConsoleCtrl YRP/DebuggerException__SetConsoleCtrl YRP/ThreadControl__Context YRP/SEH__vectored YRP/Check_Wine YRP/anti_dbg YRP/disable_dep YRP/inject_thread YRP/migrate_apc YRP/win_mutex YRP/win_private_profile YRP/win_files_operation YRP/spyeye
8d680994c7e7d7478be4aaef685745a06f8197821169e061ff4d1807aed78d84	PE32	2022-02-23 21:10:21	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
eb7e46964e24320af3eb480b23f815478b5a04a70d7bf82b45b9ec48db50d455	PE32	2022-02-23 20:43:40	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
2e2f51e50c986672ae804e92b6e3662f16321b6a2e55c6dd74ddc20b37df2f00	PE32	2022-02-23 20:39:30	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsWindowsGUI YRP/HasOverlay [+] YRP/domain YRP/url YRP/contentis_base64 YRP/inject_thread YRP/screenshot YRP/win_registry YRP/Advapi_Hash_API YRP/spyeye YRP/Str_Win32_Wininet_Library YRP/Str_Win32_Internet_API
7e4cbf4db32639d3bc7af75df801bc33b18b98982decc057f9464e22f7811b4d	PE32	2022-02-23 20:28:36	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye FlorianRoth/DragonFly_APT_Sep17_3
98976013bd6de0c6e8d898353a5f34182453a5074489183340767e6d8fc2157e	PE32+	2022-02-23 20:11:07	User Submission	YRP/Microsoft_Visual_Cpp_v60 YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole [+] YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/contentis_base64 YRP/spyeye
9a147c99a364ff4b721a90baee19bf407117648d9ba400f33f1d2e89d8144963	PE32	2022-02-23 19:51:15	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye FlorianRoth/Gen_Net_LocalGroup_Administrators_Add_Command
6bce11964923d7f1c1bc4948072a91211aa2f389a5955960fa4134c1b86ab4cf	PE32	2022-02-23 17:02:25	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/MinGW_1 [+] YRP/domain YRP/contentis_base64 YRP/spyeye
024fcf6ab01c5778ab2c60a5acdf75a3f61123e402a6b8b74537c7f7c583e23b	PE32	2022-02-23 16:07:46	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
86c74e1e0248ff916d223c2bc53816f84152c9d6ebd47065440c69f631da3dd1	PE32	2022-02-23 13:57:54	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/MinGWGCC3x YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
46b6e1d77be078b0804d1adfd100ed62b7c070f46bc2536d3fe247e48b20a919	PE32	2022-02-23 13:43:49	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/powershell [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/spyeye
381dfaf1b54ede9002be16b20a3aeb679e800af4000ef2f820e02f37d3548858	PE32	2022-02-23 13:21:49	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/MinGWGCC3x YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/maldoc_find_kernel32_base_method_1 YRP/domain YRP/IP YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/anti_dbg YRP/win_registry YRP/win_files_operation YRP/spyeye YRP/UPX YRP/suspicious_packer_section
d765d4ef6b311f5046409a604be1ce4f6484507ede2dbbc38d40c8a29e10130a	PE32	2022-02-23 13:01:49	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section FlorianRoth/DragonFly_APT_Sep17_3
500bbf41794a136defca82008f2382340c5c2ec7f2194c50d6cd3505871438d3	PE32+	2022-02-23 12:26:19	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/MinGW_1 YRP/domain YRP/contentis_base64 YRP/spyeye
baa71fd1e5eecdc65d3737f3681638747d39959e651baa02178f157616908a0b	PE32	2022-02-23 11:51:21	User Submission	YRP/Microsoft_Visual_Studio_NET YRP/Microsoft_Visual_C_v70_Basic_NET_additional YRP/Microsoft_Visual_C_Basic_NET YRP/Microsoft_Visual_Studio_NET_additional [+] YRP/Microsoft_Visual_C_v70_Basic_NET YRP/NET_executable_ YRP/NET_executable YRP/NETexecutableMicrosoft YRP/IsPE32 YRP/IsNET_EXE YRP/IsWindowsGUI YRP/HasDebugData YRP/domain YRP/IP YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/spyeye
0d5f48cccff756f4c8b7957854d6256069d801be71df0ac8d8185d3e0f5c5365	PE32	2022-02-23 11:03:23	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/spyeye
ae6400dcb4c10d6deffd314827dc3a4b89a82deba222042ec3fa9849a359a3c7	PE32	2022-02-23 10:33:45	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/win_mutex YRP/spyeye
5a11bec6fa8f036a26a9867bfc5809b783275367dd2d2c4b3dba2bd86708a420	UTF-8	2022-02-23 10:24:40	User Submission	YRP/powershell YRP/domain YRP/IP YRP/contentis_base64 [+] YRP/Antivirus YRP/network_dns YRP/spyeye
353c15930bbd9a029bcf0303d27353f1a43c0b83d9d9cfcc74d433feb5ab15f1	PE32	2022-02-23 10:07:14	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
a7c382c2f87799770408a58ac59721edd75f6ec3e04f125e74f2c60ff2f525e5	PE32	2022-02-23 09:36:37	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
84eedd063a40517d39d82ed4b5bf6aac89e6b5112c3af80da7d3bbcbb843913a	PE32	2022-02-23 09:26:21	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/powershell [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/spyeye
bb8b7630e1b0d1cbe720afb0e0b8c298827126c06d5552c1c3a0e8a038a423e5	PE32	2022-02-23 08:19:18	User Submission	YRP/MingWin32_GCC_3x YRP/Microsoft_Visual_Cpp_v71_DLL_Debug_additional YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/Microsoft_Visual_Cpp_v71_DLL_Debug YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_Dev_Cpp_v4x_h_additional YRP/MingWin32_v YRP/MingWin32_Dev_Cpp_v4x_h YRP/MinGWGCC3x YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/contentis_base64 YRP/spyeye
f77da4619c6198d42f5a6951a0547269a475340b90818feb946f4beb6d48774c	PE32+	2022-02-23 07:44:59	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/domain YRP/contentis_base64 YRP/spyeye
5eebc4c521315ae80b30f6ff23b00ab51e31033c7c3afbf4ca65ac0271deb812	PE32	2022-02-23 07:34:46	User Submission	YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional YRP/MinGW_GCC_3x [+] YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/IsPacked YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/IP YRP/contentis_base64 YRP/spyeye
b0b24b03e67587203c319961207b3e09fe17c50df1c4752e059a8f2d60b813f1	PE32	2022-02-23 05:11:33	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/spyeye FlorianRoth/DragonFly_APT_Sep17_3
e81ed25a978b7b97c4d8d22c1cdcc68f2c7348ea1965bb663d63068852114959	PE32	2022-02-22 23:35:53	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/powershell [+] YRP/domain YRP/url YRP/contentis_base64 YRP/Misc_Suspicious_Strings YRP/spyeye
a85da75722dead562a0f51d8f48d9db50d3019106f85c512f4e2b6af55dc972d	PE32	2022-02-22 23:04:05	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
5daec2caacd00e1f4ab4d7f237c627aabd1343cbba88240e5b3f606b75a5103c	PE32+	2022-02-22 22:36:45	User Submission	YRP/IsPE64 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/domain YRP/contentis_base64 YRP/spyeye
249f336f82e63be73c81c9f4118aea3e220fc11d75087cc39e8cafbd8f64f76a	PE32	2022-02-22 21:38:32	User Submission	YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet YRP/UPX_wwwupxsourceforgenet_additional YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay [+] YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional YRP/UPX_wwwupxsourceforgenet YRP/UPXv20MarkusLaszloReiser YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/Misc_Suspicious_Strings YRP/win_registry YRP/spyeye YRP/UPX YRP/suspicious_packer_section
888a582874c2dbfc436111e82a4f46e8cb8d201ef1d6c567c08ccc175afb1fe3	PE32	2022-02-22 19:51:28	User Submission	YRP/IsPE32 YRP/IsDLL YRP/IsConsole YRP/HasOverlay [+] YRP/HasModified_DOS_Message YRP/domain YRP/contentis_base64 YRP/spyeye
49ea386db57321195fff8095f4154daa43c9f683618db24d552219891c71d2d1	PE32	2022-02-22 19:25:17	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
beb0dd5fbb1775fe003b08f0e5f5a8c7f64f20ae8a44eec68f63754f5068ce6e	PE32	2022-02-22 19:11:28	User Submission	YRP/MingWin32_GCC_V3X YRP/MingWin32_GCC_3x YRP/MingWin32_v_h_additional YRP/MinGW_GCC_3x_additional [+] YRP/MinGW_GCC_3x YRP/MingWin32_GCC_3x_additional YRP/MingWin32_v_h YRP/MingWin32_v YRP/MinGWGCC3x YRP/IsPE32 YRP/IsWindowsGUI YRP/HasOverlay YRP/MinGW_1 YRP/domain YRP/url YRP/contentis_base64 YRP/Dropper_Strings YRP/win_registry YRP/spyeye
ad4926b03de07c1b309901f8861a907e9f12b511abbb75fc39bd5453f5040e40	PE32	2022-02-22 18:59:36	User Submission	YRP/IsPE32 YRP/IsConsole YRP/HasOverlay YRP/domain [+] YRP/contentis_base64 YRP/spyeye
9257e94c0299f1350ef8b1e86a9db98d4d6e02ab4e4c7900fcd887f1e7918226	PE32+	2022-02-22 18:44:46	User Submission	YRP/Microsoft_Visual_Cpp_80_DLL YRP/IsPE64 YRP/IsConsole YRP/HasOverlay [+] YRP/MinGW_1 YRP/domain YRP/contentis_base64 YRP/spyeye

Recent Searches
yrp/spyeye
yrp/vmprotect07x08polytech
yrp/svkp_v132_pavol_cerven_h_additional
yrp/apt1_rarsilent_exe_pdf
yrp/phoenix_html6
yrp/multiple_webshells_0015
yrp/trojan_win32_plainst
yrp/kurton_apt1
yrp/lightdart_apt1
yrp/favoritestrings

Search

Recent Searches