Analysis Report
CloudFlare Theme ClickFix/CAPTCHAScam dropping NetSupport RAT
hxxps://webdemo[.]biz
Analysis Report
EvilProxy using open redirect vulnerability
https://m.exactag.com/ai.aspx?tc=d9282403bc40b07205bbd26a23a8d2e6b6b4f9&url=http%3Asellartatauction.com/oplo/osiwuhjfmniek/bobibobi@outlook.com
Analysis Report
HTML payload leading to download and installation of WSHRAT
SHA256: 427fb9938ca75db1a362fe51356a1dc06350daa5f9db788a4ca2f7e2cb21fd34
Analysis Report
HTML based phisher exhibiting a large spectrum of malicious behaviors
SHA256: 360a04ca0c6ef3401d14f04089d6e7e08869ab298dbf842d8f063bfaca618891
Analysis Report
CVE-2023-36884 using RTF to load Word DOC via MSHTML iframe injection
SHA256: a61b2eafcf39715031357df6b01e85e0d1ea2e8ee1dfec241b114e18f7a1163f
Analysis Report
SolarMarker with file pumping, valid PE signature, Powershell dropper and .Net backdoor
SHA256: 6f7332625d573ccc7b14264ee0db7e671305e1206c7eaf920e17c26f7b5b64a7
Analysis Report
STOP Djvu Ransomware via SmokeLoader with full config extracted
SHA256: 5ea4451ca1ce36db2dc6e7a85f07c748ddbb758b65f2194d734afd08bd141126
Analysis Report
AgentTesla v3 with full malware configuration
SHA256: c6dae959f8e5373c6ac8746cfd8227b8d8099b692ee726aacbe18ecf1479282e
Analysis Report
Stealthy new payload delivery method: HTML (showing a PW) -> ZIP encrypted -> ISO -> LNK -> Calc.exe -> DLL -> DLL -> QBOT
SHA256: f5c16248418a4f1fd8dff438b26b8da7f587b77db9e180a82493bae140893687
Analysis Report
noPac using CVE-2021-42287 - CVE-2021-42278 Exploit to gain DC Admin
SHA256: 4e37819484e865f8e20c2aaa94ec05f3bfe3bb6f36ea4bb6df376c8d4f1ffcca
Analysis Report
SysJoker Multi-Platform Backdoor
SHA256: 1ffd6559d21470c40dcf9236da51e5823d7ad58c93502279871c3fe7718c901c
Analysis Report
Emotet dropped by Hidden Macro
SHA256: bb1f500a59544aa8e44a0377cc506dfbebca1ecb7a8c73dc72d3268803976ff5
Analysis Report
Kimsuky Espionage Campaign, JS instrumentation
SHA256: 20eff877aeff0afaa8a5d29fe272bdd61e49779b9e308c4a202ad868a901a5cd
Analysis Report
Hancitor analysis with VBA and shellcode execution graph, dropping FickerStealer
SHA256: 83c9c9beaca0a147e23995b84792f56cd130ccf262147374bd1114c2ac698fee
Analysis Report
Kaseya attack dropping Sodinokibi
MD5: 939aae3cc456de8964cb182c75a5f8cc
Analysis Report
Sodinokibi Ransomware with full config extraction
MD5: 39d22b8f3da4a83cd957f324f2423309
Analysis Report
GuLoader dropping LuminosityLink RAT
MD5: 01a54f73856cfb74a3bbba47bcec227b
Analysis Report
SmokeLoader dropping Raccoon
MD5: 18b04e2fd804d553d9a35e088193dea7
Analysis Report
Ave Maria RAT signed by Sectigo
MD5: 94ff625253b3920fe5b6824bd8c30482
Analysis Report
QBot/Qakbot banking trojan
MD5: ad30987a53b1b0264d806805ce1a2561
Analysis Report
ODT (Open Office File) dropping NJRAT
MD5: 7b7064d3876fc3cb1b3593e3c173a1a2
Analysis Report
Gozi/Ursnif e-Banking Trojan
MD5: 879d9a2c75ee83443a0a913f5dc71b5c
Analysis Report
ShadowHammer Supply Chain Attack of Asus Update
MD5: 55a7aa5f0e52ba4d78c145811c830107
Analysis Report
GandCrab 5.2 Ransomware
MD5: fe2d1caa2d52000efcd19ea1ea31d254
Analysis Report
Spear Phishing e-mail - link - Microsoft Word document - Emotet
http://leonfurniturestore.com/sec.myacc.resourses.biz/
Analysis Report
Formbook info stealer malware
MD5: 287782734f94678617b7028b029320ab
Analysis Report
Classic Paypal Phishing
https://a1.bedirectip.com/c/myaccount/signin/?country.x=US&locale.x=en_US
Analysis Report
ADWIND/JRAT detecting via Java Runtime information
MD5: 19cd10627207bcf7f7c41ee26cbdd174
Analysis Report
CVE-2018-15982 dropping Hacking-Team RAT
MD5: 92b1c50c3ddf8289e85cbb7f8eead077
Analysis Report
Emotet e-Banking delivered via PDF
SHA256: d742ce0096cd0d3b2c47063f9f33cb46ba085887bd7c084fda08235c4fa26d7e
Analysis Report
Trojan spreading via VNC brute force
MD5: 642c7ad7b1608f00ba6159250b41ef75
Analysis Report
Trojanized Adobe installer with Remote Utilities RAT
MD5: eda8e4f2df81e0ba5b88d73de9779205
Analysis Report
CryptoMiner using xmrig and xmr-stak
MD5: d3fa184981b21e46f81da37f7c2cf41e
Analysis Report
Ursnif using COM InternetExplorer
MD5: 9cb0d02cbc93981015f6c050a0778cfd
Analysis Report
Supply chain infection with Monero miner
MD5: 0ae326bf4b644c91f155c3d0ba23881f
Analysis Report
Bitcoin miner, overwrites Adobe Reader Update for persistence starts
MD5: 52e10c90700a37a33a132d8e67120f39
Analysis Report
VBA document dropping Empire via HTA, decoy targeting Spiez Convergence in Switzerland
MD5: 0e7b32d23fbd6d62a593c234bafa2311
Analysis Report
Word document, OLE reference to external RTF, CVE 2017-11882, TrickBot
MD5: 70162476205496513fd88e9069372e53
Analysis Report
SynAck Ransomware using Doppelgänging injection technique
MD5: 6f772eb660bc05fc26df86c98ca49abc
Analysis Report
Lokibot dropping Adwind RAT
MD5: d87bda9120de373ab47fe445b99b6298
Analysis Report
Netflix Phishing
hxxp://confirm-your-info-51783[.]confiry0[.]beget[.]tech/151604749699341/nfx/
Analysis Report
Zeus Panda e-Banking trojan
MD5: a77ad824e5058d6504a791d0289ffc3d
Analysis Report
Hacking Team Remote Control System Spyware
MD5: c0618556e9ef16b35b042bc29aeb9291
Analysis Report
Excel sheet exploiting Adobe Flash Player vulnerability CVE-2018-4878
MD5: 5f97c5ea28c0401abc093069a50aa1f8
Analysis Report
Malicious office document targeting several government entities, dropping Sofacy
MD5: 56f98e3ed00e48ff9cb89dea5f6e11c1
Analysis Report
Turla / KopiLuwak Backdoor
MD5: 7c378d78b7a89aef27e8a3c5066b8511
Analysis Report
RTF exploiting CVE 2017-11882
MD5: 11f71f387e87bbb2b97b6c27f78320e4
Analysis Report
FIN7 / Carbanak Trojan
MD5: a00ae556a61907d43332449169c88844
Analysis Report
Bad Rabbit new version of NotPetya
MD5: fbbdc39af1139aebba4da004475e8839
Analysis Report
Emotet Banking Trojan
hxxp://austinfilmschool.org/Invoice-Dated-17-Oct-17-372510608/VR-AOFGB/2017/
Analysis Report
CVE-2017-8759 dropping FinFisher / FinSpy
MD5: 24a3d1d2f36824dfa190d8f93da26432
Analysis Report
AES based Phishing Page for Office 360
hxxps://login.microsoftonlineoww.recentviralvideos.com
Analysis Report
New Locky Ransomware Diablo6 Variant
MD5: 544bc1c6ecd95d89d96b5e75c3121fea
Analysis Report
Petya Ransomware loaded with EternalBlue SMBv1 Exploit
MD5: 71b6a493388e7d0b40c83ce903bc6b04
Analysis Report
PPS Lure, using HREF Mouse Over to drop payloads
MD5: 823c408af2d2b19088935a07c03b4222
Analysis Report
Malicious Word document, CVE-2017-0199, dropping Dridex e-Banking trojan
MD5: 8b6f6bdefdc6b42abf9f372123152ab2
Analysis Report
Nice PowerShell analysis of Locky & Kovter
MD5: 2161f8cf7b6c1a1a3a6fdc41083566a5
Analysis Report
Office Document Spear Phish target Mongolian Government
MD5: 614875cf37898562aa115a64f17b0117
Analysis Report
Digitally signed VBA dropper, nice VBA analysis
MD5: 2b83bd1d97eb911e9d53765edb5ea79e
Analysis Report
Cthulhu Stealer on Ventura (ARM64)
SHA256: 6483094f7784c424891644a85d5535688c8969666e16a194d397dc66779b0b12
Analysis Report
XLoader (Objective-C) on Ventura (ARM64)
SHA256: 453e155722ac23771d63418e39f88430b0a922bd5f4afa81dcc73db44571b79e
Analysis Report
LockBit ransomware analyzed on native MacMini Apple Silicon (ARM64) with macOS Ventura
SHA256: 3e4bbd21756ae30c24ff7d6942656be024139f8180b7bddd4e5c62a9dfbd8c79
Analysis Report
XCSSET trojan
SHA256: 483b2f45a06516439b1dbfedda52f135a4ccdeafd91192e64250305644e5ff48
Analysis Report
NukeSped with Coinbase PDF (Lazarus)
SHA256: fe336a032b564eef07afb2f8a478b0e0a37d9a1a6c4c1e7cd01e404cc5dd2853
Analysis Report
NukeSped.N with Decoy PDF (Lazarus)
SHA256: 55571ac52e1f02f18af77e2f3314382c982a37744b58732dfc15faac9d66619f
Analysis Report
Gimmick Trojan
SHA256: 2a9296ac999e78f6c0bee8aca8bfa4d4638aa30d9c8ccc65124b1cbfc9caab5f
Analysis Report
DazzleSpy Trojan implant
SHA256: f9ad42a9bd9ade188e997845cae1b0587bf496a35c3bffacd20fefe07860a348
Analysis Report
SysJoker Multi-Platform Backdoor
SHA256: 1a9a5c797777f37463b44de2b49a7f95abca786db3977dcdac0f79da739c08ac
Analysis Report
MACMA aka CDDS Payload used in watering hole attack campaign
SHA256: cf5edcff4053e29cb236d3ed1fe06ca93ae6f64f26e25117d68ee130b9bc60c8
Analysis Report
OSX ZuRu running in trojanized iTerm2
SHA256: e5126f74d430ff075d6f7edcae0c95b81a5e389bf47e4c742618a042f378a3fa
Analysis Report
XLoader / Formbook info stealer on macOS
SHA256: 81c4276f2e3c0ed456b08402a6a5b63d0cad68220b7a3275b3cbf0ba73faaa21
Analysis Report
WildPressure macOS Python (analyzed with Live Interaction)
SHA256: 1448f34fcde1e6d7df000c38a61c3dd6d5fd304f9ad60cadfa3deb875b6b088f
Analysis Report
Shlayer with CVE-2021-30657 exploit for bypassing Gatekeeper, File Quarantine and Application Notarization
SHA256: 70c6f9da05046525605e2066185929c2659e27a3851dc43d8aa69e2692e6154f
Analysis Report
Adware Bundlore
SHA256: 02835cb8f68488d57e55430bf6032bee84460ed9eb8f649a5e9e1838c3a0df4f
Analysis Report
OSX Dacls backdoor/RAT (Lazarus APT)
SHA256: 899e66ede95686a06394f707dd09b7c29af68f95d22136f0a023bfd01390ad53
Analysis Report
OSX GMERA.2 Trojan and Stealer
SHA256: faa2799751582b8829c61cbfe2cbaf3e792960835884b61046778d17937520f4
Analysis Report
OSX GMERA.1 Trojan and Stealer
SHA256: 18e1db7c37a63d987a5448b4dd25103c8053799b0deea5f45f00ca094afe2fe7
Analysis Report
OSX NetWire
SHA256: 07a4e04ee8b4c8dc0f7507f56dc24db00537d4637afee43dbb9357d4d54f6ff4
Analysis Report
OSX OceanLotus
SHA256: e94781e3da02c7f1426fd23cbd0a375cceac8766fe79c8bc4d4458d6fe64697c
Analysis Report
OSX WinPlyer Trojan + MacSearch Adware
SHA256: c87d858c476f8fa9ac5b5f68c48dff8efe3cee4d24ab11aebeec7066b55cbc53
Analysis Report
OSX WindTail
SHA256: ad282e5ba2bc06a128eb20da753350278a2e47ab545fdab808e94a2ff7b4061e
Analysis Report
OSX LamePyre
SHA256: a899a7d33d9ba80b6f9500585fa108178753894dfd249c2ba64c9d6a601c516b
Analysis Report
OSX DarthMiner (EmPyre + XMRig)
SHA256: ebecdeac53069c9db1207b2e0d1110a73bc289e31b0d3261d903163ca4b1e31e
Analysis Report
OSX AwesomeSearch Adware Spyware
MD5: a6338a0054fe0e05574787a7a96e7b88
Analysis Report
New Crossrider variant
MD5: 653be35703942572c502e75710c56f56
Analysis Report
OSX Proton in Supply Chain Attack (Elmedia Player)
MD5: 29fb77664fc4f13ea5f65cfe01b292af
Analysis Report
Trojan OSX Snake aka Turla
MD5: 000e4225f382f9eee675dcaf3cbf9c7e
Analysis Report
iKitten / Macdownloader, Spyware
MD5: 787d664e842961f2a335139407f91a70
Analysis Report
Dinodas RAT on Ubuntu 22.04 x64
SHA256: 15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45
Analysis Report
TeamTNT variant mining Raptoreum (RTM) cryptocurrency
SHA256: 4f4fef3aa02d725b00793b75afcd2d75ecd554a9a23cb3e7d87969b3226f72b1
Analysis Report
SysJoker Multi-Platform Backdoor
SHA256: bd0141e88a0d56b508bc52db4dab68a49b6027a486e4d9514ec0db006fe71eed
Analysis Report
Abcbot botnet malware
SHA256: 22b521f8d605635e1082f3f33a993979c37470fe2980956064aa4917ea1b28d5
Analysis Report
XMrig cryptominer disabling HW prefetcher in MSR registers
SHA256: 28e9b06e5a4606c9d806092a8ad78ce2ea7aa1077a08bcf3ec1d8e3d19714f08
Analysis Report
REvil Linux (analyzed with Live Interaction)
SHA256: ea1872b2835128e3cb49a0bc27e4727ca33c4e6eba1e80422db19b505f965bc4
Analysis Report
Tsunami botnet malware
SHA256: 864d438887ea34ffd06b03695267e93b48e73ec0f39d047968a1cce44448c581
Analysis Report
FinSpy (FinFisher) commercial trojan
SHA256: 1e9162cd0941557304a6a097dfaadf59f90bc8bbaa9879afe67b5ce0d1514be8
Analysis Report
IoT Bot with DDoS Capabilities
SHA256: 105a07a0dd8b9a0c2dcde26db29a14e033f98ee28d20f7e7115d7ccd919d60de
Analysis Report
WatchBog CoinMiner
SHA256: 26ebeac4492616baf977903bb8deb7803bd5a22d8a005f02398c188b0375dfa4
Analysis Report
CoinMiner with Brootkit user-mode rootkit
SHA256: c69ee0f12a900adc654d93aef9ad23ea56bdfae8513e534e1a11dca6666d10aa
Analysis Report
VPNFilter Bot APT, Stage 2
MD5: 87049e223dd922dc1d8180c83e2fde77
Analysis Report
VPNFilter Bot APT, Stage 1
MD5: 5f358afee76f2a74b1a3443c6012b27b
Analysis Report
VPNFilter Bot APT, Stage 2 (debug version)
MD5: 87049e223dd922dc1d8180c83e2fde77
Analysis Report
Xenomorph, targeting over 30 different banks
SHA256: 259e88f593a3df5cf14924eec084d904877953c4a78ed4a2bc9660a2eaabb20b
Analysis Report
DexPro protected APK using multiple Android Zipfile parser flaws
SHA256: b3561bf581721c84fd92501e2d0886b284e8fa8e7dc193e41ab300a063dfe5f3
Analysis Report
S.O.V.A analysis on Android 12 Snow Cone
SHA256: b01b74aaf249d0740f541c081c0c0de4bf455b4b68f2634fab6cf8aafcd95d52
Analysis Report
S.O.V.A. Banking Trojan
SHA256: efb92fb17348eb10ba3a93ab004422c30bcf8ae72f302872e9ef3263c47133a7
Analysis Report
TEABot e-Banking trojan
SHA256: 89e5746d0903777ef68582733c777b9ee53c42dc4d64187398e1131cccfc0599
Analysis Report
Anubis e-Banking Trojan using COVID19 theme
MD5: 3bb8fe04c67d6b35a92968bedffb7449
Analysis Report
Cerberus e-Banking Trojan using COVID19 theme
MD5: 89dc684c914932f0bb05222d98ccae17
Analysis Report
EventBot e-Banking Trojan (dev version)
MD5: f73f66b15791a42dac86d0ced46d660f
Analysis Report
Riltok e-Banking Malware
MD5: 2f07c9b2a67104f8bc08d831c8922b6a
Analysis Report
Android Malware which is able to send Whatsapp messages
MD5: 8df5b22cabc10423533884da7648e982
Analysis Report
Spyware XLoader related to Roaming Mantis
MD5: 651b6888b3f419fc1aac535921535324
Analysis Report
Anubis e-Banking Malware
MD5: b195bb8399be64002fbca421f14b2ac1
Analysis Report
Android Clipper, stealing crypto currency via clipboard hook
MD5: 24d7783aaf34884677a601d487473f88
Analysis Report
Android Spyware / Trojan MobSTSPY on Android 8.1 Oreo
MD5: 6af7af5cf626424751990f99731170e0
Analysis Report
Android Click Fraud Trojan
MD5: 03d66dd7ec05c8aa113854d6ad502ebb
Analysis Report
BianLian Trojan / Banker using date evasion and packing
MD5: 0c52aa43d1244c604b5f073f344677d8
Analysis Report
BankBot aka Anubis 2.0
MD5: 8ad6ee283c1b5b5a855bb3857ce7f275
Analysis Report
BankBot Anubis, e-Banking Trojan, Ransomware
MD5: 7e6a3e943673f731130fc5b4aeecde1b
Analysis Report
Roaming Mantis Android banking Trojan
MD5: 03108e7f426416b0eaca9132f082d568
Analysis Report
Skygofree, Trojan / Spyware
MD5: 39fca709b416d8da592de3a3f714dce8
Analysis Report
Coin Miner via CoinHive Javascript
MD5: fc1e08187de3f4b7cb52bd09ea3c2594
Analysis Report
DoubleLocker Android Ransomware
MD5: 85cfbd81ff6729927c968fbbb2d1d84d
Analysis Report
SonicSpy Android Trojan / Bot
MD5: 544bc1c6ecd95d89d96b5e75c3121fea
Analysis Report
APT28/Grizzlybear Lojack Double Agent
MD5: 595aff5212df3534fb8af6a587c6038e
Analysis Report
APT28/Grizzlybear related sample
MD5: f0309aa0519ee70c29bbb471352781e7
Analysis Report
Malicious RTF using CVE-2018-0802
MD5: 15a43d4c8ae9592ee06a410c58311e35
Analysis Report
INC Ransomware
SHA256: d1e0cac795c8f8ef7080d0c96f0240ea18f15d56ee5a17bb6595af01aa641e11
Analysis Report
Bumblebee Loader with extensive Anti-VM and Anti-Sandbox techniques
SHA256: c65c51ed60f91a92789c4b056821ef51252baa2a1679a6513ab008acf0464ccb
Analysis Report
Date-aware (<20.1.2020) Cassandra Crypter dropping AgentTesla
MD5: a24c195da4f8a5dee365875b3e3a38a1
Analysis Report
TrickBot Downloader counting total number of processes
MD5: 3e8c58262860fcbce68af93f4a022232
Analysis Report
Evasive GuLoader dropping Formbook, bare metal analysis
MD5: ab5135e71815ad27daf57be78754c85d
Analysis Report
Evasive JS dropper checking the video card RAM size via WMI Win32_VideoController.adapterRAM and many additional WMI checks
MD5: 6cdad3b5ac021d3dbf0fb6159831cdce
Analysis Report
Unknown loader using Instruction Hammering, dropping DarkComet
MD5: DDD60E9AE362DEF377AA70D414ED374D
Analysis Report
AgentTesla, tries to steal Putty/WinSCP info
MD5: 2689e0bd727c85849f786822b360cd28
Analysis Report
GuLoader with many evasion, including Instruction Hammering
MD5: 01a54f73856cfb74a3bbba47bcec227b
Analysis Report
SmokeLoader using various VM detections, CodeIntegrity checks, etc
MD5: 18b04e2fd804d553d9a35e088193dea7
Analysis Report
AgentTesla loader using RDTSC, CPUID and Win32_BaseBoard VM detection
MD5: 87e74af7016e8a9b9304dc537fa093da
Analysis Report
Azorult, using several tricks to detect sandboxes (desktop resolution, tick count, processes etc)
MD5: ff17014cbb249e173309a9e1251e4574
Analysis Report
Country (Application.LanguageSettings.LanguageID) and filename (ActiveWorkbook.Name) aware VBA dropping Ursnif
MD5: c5e1106f9654a23320132cbc61b3f29d
Analysis Report
FrenchyShellcode Packer with open window check, dropping NJRAT
MD5: 879d9a2c75ee83443a0a913f5dc71b5c
Analysis Report
GetKeyboardLayout - check English / Russian - if yes crash
MD5: 2d1ca86789091f84f0d4f6af9fd5d51d
Analysis Report
Delays execution by executing massive amount of instructions / loops for more than 3 minutes
MD5: 27cf7e2be6e049b2793ad9f38218eb01
Analysis Report
Malicious document dropping Gozi, NUMBER_OF_PROCESSORS VBA check
MD5: 6f772eb660bc05fc26df86c98ca49abc
Analysis Report
Country aware VBA Macro using GetLocaleInfo
MD5: 6a9eda3eb0bfc222ab46725829faaec7
Analysis Report
Country aware VBA Macro
MD5: aacb83294ca96f6713da83363ffd9804
Analysis Report
Imminent RAT using several anti-debugging and anti-VM evasions
MD5: d6c644512c430cd64965c2259150f371
Analysis Report
Country aware VBA Office Macro
MD5: 7ffdde19a2ce936c1e1ed92aeb25eb78
Analysis Report
Word Document VBA process name and count check
MD5: cd15a7c3cb1725dc9d21160c26ab9c2e
Analysis Report
Gootkit e-Banking trojan using a whole bunch of anti-analysis and anti-vm techniques
MD5: 0ee40dfb96795b73c6bc1eef31e59356
Analysis Report
Gozi 2.17 using GetLocaleInfo and GetCursorPos evasions
MD5: 7e17f0f35d50f49407841372f24fbd38
Analysis Report
BONDUPDATER using various WMI queries to check for physical hardware (fan, thermal sensors etc)
MD5: ea6321f55ea83e6f2887a2360f8e55b0
Analysis Report
Evasive Backdoor, Time Evasions, Debugger Detection, VM Detection
MD5: 9e3ea995e40b62adae78e93e6b30780c
Analysis Report
Evasive sample using GetKeyboardLayout to target French computers
MD5: fe1214a06ffc40b1ebb524f185894487
Analysis Report
Olympic Destroyer, Wiper malware targeting Olympic Games 2018 in PyeongChang
MD5: f12fc711529b48bcef52c5ca0a52335a
Analysis Report
Elise malware loaded with Sandbox evasion using CVE-2018-0802 for persistence
MD5: f12fc711529b48bcef52c5ca0a52335a
Analysis Report
Retefe using MUILanguages Sandbox evasion trick
MD5: 85fc638bd373af9a95c715bc4f8b97fc
Analysis Report
Sandbox Process DOS / overloading
MD5: 1de07d0af66cfa7b504c2f563d45437b
Analysis Report
CCleaner (signed) infected by unknown malware, IcmpSendEcho evasion
MD5: ef694b89ad7addb9a16bb6f26f1efaf7
Analysis Report
OSAMiner
SHA256: df550039acad9e637c7c3ec2a629abf8b3f35faca18e58d447f490cf23f114e8
Analysis Report
OSX OceanLotus.F
SHA256: cfa3d506361920f9e1db9d8324dfbb3a9c79723e702d70c3dc8f51825c171420
Analysis Report
FinSpy (FinFisher) commercial trojan
SHA256: 4f3003dd2ed8dcb68133f95c14e28b168bd0f52e5ae9842f528d3f7866495cea
Analysis Report
EvilQuest (ThiefQuest) Ransomware, contains functions related to anti-analysis
SHA256: b34738e181a6119f23e930476ae949fc0c7c4ded6efa003019fa946c4e5b287a
Analysis Report
Nicro Android Trojan using several evasion techniques
MD5: 7b7064d3876fc3cb1b3593e3c173a1a2
Analysis Report
Cerberus using motion events (accelerator) to trigger payload
MD5: a342b423e0ca57eba3a40311096a4f50
Analysis Report
Evasive Android dropper using native libraries to detect VMs and rooted devices
MD5: f412517d1e386cbd567fbba81d1842fe
Analysis Report
Anubis Loader using motion events (accelerator) to trigger the installation
MD5: d97a63536a7225bb1e788e7c244373dc
Analysis Report
BianLian Trojan / Banker using date evasion and packing
MD5: 0c52aa43d1244c604b5f073f344677d8
Analysis Report
GhostRat
SHA256: 51434b554c4e3b123e0a90db3048ec6d5edaed4cdb245c8f9e3dbddb378f2845
Analysis Report
XWorm
SHA256: 691c8281d68680d1f8966d657bfbcf4d100c7a70d6894493946793cc320623a6
Analysis Report
DarkVision Rat
SHA256: 87bd876ce006ac681bdc03bb01449c6444f93f8ddf147c6af6b8e1275e3949e9
Analysis Report
XRed
SHA256: fc1595c71b570027b6712c70cafcc075686e14b5702a5a0910f642eb739ac01f
Analysis Report
VIP Keylogger
SHA256: 96882b077a607f34cd963461341d728982e2075ffd4891f1b91e915da904cfe0
Analysis Report
Meduza Stealer
SHA256: 6d38c8152edc5634fa7cae67424a5b28e1dca4b1037d99704c331c91faca77b7
Analysis Report
Blank Grabber
SHA256: ee5707904b7372b5389df014be575f574497907db3cad4ba45d52adc8f12e0a3
Analysis Report
DBatLoader
SHA256: f65d5f51c5b69891d73c3799b4ed4d53fea665a6ef5b3d0cce8cae1e96c0e785
Analysis Report
JasonRAT
SHA256: 155854758b79cdee58f7df5c1a4a07d3b19b3d64a0a58b2e8faf6d8b67042f3c
Analysis Report
Cryptbot
SHA256: ee6c112a14a1e5a9429b47f5b810f61a58e77860eea867e064d2ab40582757cc
Analysis Report
44Caliber Stealer
SHA256: a680029a0a1bd1aa336b5e4086104f21f2a97b054e6fb1b9fb122ed32786ce12
Analysis Report
Umbral Stealer
SHA256: 46a67cdc899f61ccb6324d187d56b389f720d72beb02594fd60fdc4a8ca62ab4
Analysis Report
Divulge Stealer
SHA256: b3be3371628c3633b544d0e73a2b0dfe93faef9f49cea25b7b88d7a9d9a1bccf
Analysis Report
DotStealer
SHA256: 2a06b6535a0057b961f41e9b0790ffbc6f540566f2c21ae66cee4b61f5a360eb
Analysis Report
Phemedrone Stealer
SHA256: 498ac6b747691eb456fc24ac26c3932effca9b46e39740963120f711e72aefc9
Analysis Report
Discord Rat
SHA256: e7f2b9453131a2040ff975e27915fe21f6b80953b12fe6d7309af2f6db45cb14
Analysis Report
Millenuim RAT
SHA256: 9165705656ffe7608922ff366357e3b98b0e5ece8c6d39780874c7b4bd7b2dd3
Analysis Report
KoiLoader
SHA256: bcf349409a0111d7179994c408f6d02d325fb64647d56d5bd158aadfc0a88211
Analysis Report
HawkEye
SHA256: aca540b3ad20e1fd49ec550107eff0c164990de1067a9542daf615465f82c331
Analysis Report
Poverty Stealer
SHA256: 0b6604d2e6086f7322c634ab925bdc381fe720a2a12f254e5b63b42f89b680f7
Analysis Report
Mint Stealer
SHA256: 4a6fdaf2e12c9e573006a2f5bd79f1283a9f316faba45f29e413e5dcb71d0ea3
Analysis Report
Urelas
SHA256: 83b591f5ea6d9131d736b8fbf255ff5f691d84ad8625778f959295764575067e
Analysis Report
SilverRat
SHA256: fd32b776edd0656ad550b2a4981897515f5f2c793eb3d80da8fcd04f98b12222
Analysis Report
WhiteSnake Stealer
SHA256: 7cba781d569196e89a86f10cee7d69918fe05df1461d1f0ed3426ccb2046002e
Analysis Report
ZTrat
SHA256: 318647f8d8fa142ee1df6c8d8aa440688ce2c82cad3cc4341a2c3869d88d9740
Analysis Report
Greatness phisher with full config extractor
https://materialesvite.com.mx/upload/QebqNQebqN/QebqN/YWxiZXJ0by5kb3Npb0B0aGFsZXNhbGVuaWFzcGFjZS5jb20=
Analysis Report
CopperShrimp
SHA256: 339fe7bdfbe4212886cc8582655b83f5d2ee08c33939fa331447e7ee1ddf0d0b
Analysis Report
Simda Stealer
SHA256: 7757d34ab16584dd4e8e8493cda9b22a3bb60509392c269081ef71ff0de1d9b3
Analysis Report
Latrodectus
SHA256: 9645a12079edffd20560d4631160a6052ae5728d6f73b7366588166ad281c534
Analysis Report
XenoRAT
SHA256: 8d84fc99073709f0c6049b80fa088c9af03c5525148e61b2d258cc3f1d4c7d8e
Analysis Report
Strela Stealer
SHA256: 14009b05324320da1f4942c35d0cfd24b5dbc49773ce4618e6e070d74a7ffb6a
Analysis Report
Redline Clipper
SHA256: 9802c511f650d5eb611d309889655ac2f8daab5f87c30463b2505da99076192b
Analysis Report
Kraken Rat
SHA256: 0eef67dbee8912b9267f7ca7f7eb4f63547bc8d336bdddc22f98c14563c32515
Analysis Report
Typhon Logger
SHA256: bebd7434928eb7d1fb89a84ba41c3838fb5734f446b58b8bfb2d5dddf48e518b
Analysis Report
Stealerium
SHA256: 86aa79c05ad10f311c2c4d97ddc40d8fb048d25271d68387608aff6600bb5ac4
Analysis Report
StealC
SHA256: b020c34a3b2b4bc4fbfa0ac4d3ca97283e2fdce71f737e1103bd638ed8f6647a
Analysis Report
RHADAMANTHYS
SHA256: 9e068da322450ae34e33254c3bd919c1a38c5387f10f99ce4305bc63452acea6
Analysis Report
WshRat
SHA256: 5f0329e51f347ca573ea69cd865bb03d0526d9e9e91477a4502a9fe35c3fbddf
Analysis Report
Vector Stealer
SHA256: 86e233cb75b893c9e4e0d26385155c4f575e4217f2d52cba592641c996bc9cc8
Analysis Report
Aurora
SHA256: 5892a93d287a1e4bd97fb09b79b6e2af5643103511f3678c8212ec803ff3b449
Analysis Report
Chaos
SHA256: 074c7aa722ff77df5ed56b655cc11da0288550a7405dc439be4417c6fccf7d5f
Analysis Report
Kovter
SHA256: a597d34bc2464c3ace48ac04f6653f65ac4822ea8e4a5717ba9e4909b8c62240
Analysis Report
Luca Stealer
SHA256: 70805738871f24f390c7b1e62e6b48bc4850399992d8b62bba3160550a0a3655
Analysis Report
Qbot Downloader
SHA256: 56734da861a7d95f690e0172e717cc933513e37677c18c9277a2a261e55090ac
Analysis Report
VenomRat
SHA256: 35330f1bbbc0f361845b9b987e2f4ac70cdb96ab3f9e80161c2b8971c7df0df4
Analysis Report
Upatre
SHA256: 215c37360388d16653ffc1740c639d486753a9db69a8ad4f3e1b172b1b712df4
Analysis Report
JCrypt
SHA256: 8bf1319fd0f77cd38f85d436e044f2d9e93e3f33844f20737117230b73b60f6c
Analysis Report
Nymaim
SHA256: c360868055519b145bf9169b913787cd1f6533995e4d8a8556f94676a6129f96
Analysis Report
Crimson
SHA256: ca74472613129855bd7fc79c4a245a2f27de85086cfd191506f1c9906b9ae460
Analysis Report
LockBit ransomware
SHA256: 367f5b45da98215ff297e0856e4a961c9e831e4f06457f16453f60d0cf407449
Analysis Report
Eternity Stealer
SHA256: 4cb0b838560c4e859b8aa29c40fffde2f196a827eda7f69a2b766299651c50df
Analysis Report
PhoenixRAT
SHA256: 77cb17ef2f4f282f39838e7430bf040c3356e59ae8f13cbd4e670712e9f44a4e
Analysis Report
Erbium Stealer
SHA256: b8490732ccb34fdd76910ee15aa3eced95ef445f2ab287d45181f98f44742df1
Analysis Report
CryptbotV2
SHA256: 29842f71bd503e86896ae4b274aa21a0eaa67144ad83e2df89072ea8e8458fd0
Analysis Report
Vermin Keylogger
SHA256: af1d446bb3abc47b5eacb7a00ebb1992be1c464cac5b0e4283b12f0500c3ad4e
Analysis Report
S500Rat
SHA256: b3f2810e4ba5c3341498d99807e2f200459eb2bd4d365b3ee52a20e9e12606c1
Analysis Report
LummaC Stealer
SHA256: f33a6585faa522f1f03b4bacbd77cb5adc0d1ad54223b89dc8f6ebb05edfe000
Analysis Report
Kutaki
SHA256: de09ae47bc867cc2d931c49a3b77cb6107f48e8c00c38a7c3e57b85db8a80452
Analysis Report
Phorpiex
SHA256: a8d0ac5762f61683d7cbcbfc53e0b650e632625d7ffabf08b45986908891ee96
Analysis Report
Eternity Clipper
SHA256: a23855393505a14023834569b263ceebd810a4f041716b4f606f5ba9d25c265a
Analysis Report
BlueBot
SHA256: b4851333efaf399889456f78eac0fd532e9d8791b23a86a19402c1164aed20de
Analysis Report
Predator
SHA256: d9536057855ddfa0656463b11191f1fd1a34f95032c676f7d3afc7cd5372068b
Analysis Report
Rook
SHA256: c2d46d256b8f9490c9599eea11ecef19fde7d4fdd2dea93604cee3cea8e172ac
Analysis Report
BumbleBee
SHA256: e6c6ad0411501c2d81863c0ecaf80ace8a5e9b6ce8329c5700890eb36991f6fb
Analysis Report
Tofsee
SHA256: a96edd53cb70eb51f8bb9fbd0b9d0777e6b65c5203fb3b73229431b49da155e4
Analysis Report
BluStealer
SHA256: 6e7ed6e2800cb45547906279f027fe098d08bb0dbc517ce41fe0ebe33222ab99
Analysis Report
Socelars
SHA256: 07a029536d442a18485d88a48362cd84a184a6e54695496b1462b7f6d9a2c2c1
Analysis Report
Xtreme RAT
SHA256: 484310027c8e469f5154e53c9d3543095410b68730722158848b01d5a842642c
Analysis Report
Matanbuchus
SHA256: 490bcee7c0b9607d834fd8b3e5d01613d062fcf48be043e6f5f60c5077b55e3c
Analysis Report
Jester Stealer
SHA256: 2f60704e2dac47d532955485a04c195dffa41f9e638527ac42c82a224b2202ea
Analysis Report
BlackMatter
SHA256: 22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6
Analysis Report
AveMaria
SHA256: 7eb784edddde0eddd7b21c4907916f0109334a4237a9c2eb917caf8eae81480f
Analysis Report
DanaBot
SHA256: 18ae9ea1c1d71b33777c8772248580f17a2bcecf1aa0e8f71ec15d4b33d5253b
Analysis Report
Cryptbot Glupteba
SHA256: 84f4e2b346b6f5473e2c564a6f60985c5d20f621e70a982e9aafd21354ccc66f
Analysis Report
BitRat
SHA256: 881003326302ab243f71138e2e39517677c9117fd73e50f8989ee9b39e86407b
Analysis Report
Matiex
SHA256: 6e039c725ce804c6aae1d4d56d11802a125895bf71bf99e293ec333b91cbc73b
Analysis Report
Oski
SHA256: dda5d47308c0ebcb2555cda19b4c05a88d633396909456b9ee5fcee42e197724
Analysis Report
Clipboard Hijacker
SHA256: 5bc09c3c2a751169a32cf97a62765f127bce2d0eadce3481a6a831b6fdcc044e
Analysis Report
Fareit Pony
SHA256: 2cec15c8fef9435abd5c332486d8ad7083eeb9eb84de9077b5bf6bb42458dba5
Analysis Report
CobaltStrike
SHA256: fc6401d5a9a05017e8551916ac6a39894467301d3d0349f719bb11ba1ecc38d6
Analysis Report
Djvu
SHA256: 0d977e55742460c71884d6040178fc8c7abf8c97136b6293da37cbf9c59b6778
Analysis Report
Squirrelwaffle
SHA256: da031faf0a918be7bf90705dac2ce63cfda65226360202ac1d53a6849592e9b3
Analysis Report
Jupyter
SHA256: 5cf24553e521de102628e1ebdadb69a6623904f08b51cf5b1ea14779e03e8682
Analysis Report
RevengeRAT
SHA256: b943704744a23c06174a36aa0e24ecc7ac67aad9edc9c4bd46dd1f007514796d
Analysis Report
njRat Xtreme RAT
SHA256: f32fb1af5db650065e6e1d02ade5506e6c0903e4bbc9ff6ff2fbf94bef6ffba4
Analysis Report
SystemBC
SHA256: c27741b9e50da0c369b848179c9a4f9b0362b6d5e384055c6c72fc9667a270ec
Analysis Report
Phantom Miner
SHA256: d83d1ebc7cffb2050517fe68343b2a4cb4e7ed7f45aa2c14a2dff25a8eeb9c8b
Analysis Report
Orcus
SHA256: 3ffef680021c116955e889822e935c55b05576f9a0f9bd1dde334c0ccbfca006
Analysis Report
Grandsteal
SHA256: dda8e5e4b93708ef5042d3e46027670a9ffa93f4c18646d0e48b13f8d1b013fe
Analysis Report
MercurialGrabber
SHA256: c2603d684ad273865985ea6e7ce27c9236e173d7633a72f2378a1309d9ec77ac
Analysis Report
BlackNet
SHA256: 4054ee21cbfc210489f119c2d717ca1ae43129fc0d07aefe322fabb3b61d079f
Analysis Report
Caliber
SHA256: cd80318bc4c724934435231e72cbf7cbf5942df8b36e480603237e2ed08d4a93
Analysis Report
HawkEye MailPassView
SHA256: 047f33e6f83796d9fc056d7006a6e8ef69696d63eceb29fb1592bb13a62e79bf
Analysis Report
FatalRAT
SHA256: 2d9002135a5b85b3f3962eab45859f1e59d20ded771b94f0e1127c6c162cb0f4
Analysis Report
Redline
SHA256: a0faa82eeb65dec2d55e0041f18eb27652dafd93dc25e105927303e277cd8df6
Analysis Report
Hancitor
SHA256: 632752c9d2297bd6b6467bd7b93f10c99716456f31e4bf314794f2ab6aeed0a8
Analysis Report
Lokibot
SHA256: 25b6f68e2bf505cfde67c533f5d12e869b30efe831fa82fd91c2c29f59fc77ac
Analysis Report
Dridex
SHA256: 53dfeaa26585a77816d74ce38b16c4b1d3db0cf346d968253eae4797db1ade10
Analysis Report
Formbook
SHA256: bc4765682b3b1250e178d1154cfd56fbe1fb4ac0c8e8346d9e6f3ed6c661907d
Analysis Report
Remcos
SHA256: eb9e13fd092522e4dde08e96961117f9926e3ef70ca3b225f8c388e476541a21
Analysis Report
Ursnif
SHA256: fd35940bf6701f7d98b39196b19273c86c74757ca2c226cff607fa23df183e03
Analysis Report
CryLock
SHA256: 6bc21092f49a473b0fd4d1e1a77ce5d7e97e961334764b606b7014710fb75466
Analysis Report
NanoCore
SHA256: c4bb3e5a6f33dca9143ede298d37b20c1dd8ab6be22f2544987f53d468e0e815
Analysis Report
Metasploit
SHA256: 7793c2fd34248236e83206fdd01b547436e966bcb6cae21adcbf61550b62daea
Analysis Report
QBot
SHA256: fff572167e03d2446c8abd0b5ddfe8657692ff07967bdd380881469df7df1484
Analysis Report
LimeRat
SHA256: a81addf8ad395ae36a617da9fb138337c17941475c1e3f3003d2571c8cb3b84e
Analysis Report
NetWire
SHA256: 1dcddce0408092a22c015e183e463020a7231e1f5ca47e71acad4ddcfb0f2385
Analysis Report
njRat
SHA256: bfd5d84c4fed8f9d23f94fe32bb7ee415dbe632c2ebaac642dbfdb73f89d0833
Analysis Report
SmokeLoader
SHA256: d73e37b3ed710e4128e3c76e2f0fd61dbb2fdcddfd8cfa51ffe244fa19433bb2
Analysis Report
TrickBot
SHA256: 7d35c3abef65ed1d81d2f70944db31ba2a8cc703f1ccf8b82ca7b3929b8233e1
Analysis Report
StrRat
SHA256: b63a342fa88add92fbe34e707de613c1494f08debb6ab0e4dad851b4039dc6e4
Analysis Report
Snake Keylogger
SHA256: b20b1c9c785100e0e18623c7f34843a82e066f0f91af93410654733c9e7e4513
Analysis Report
Vidar
SHA256: 84343112791c187d10af9cea8fac68cf4fc03d72352f1fe2def0bf72f9a9afc7
Analysis Report
AgentTesla
SHA256: 0b10841226c0d6fb59f308c09309e79d214ca6799ac162c1addd5455d7ef3fd7
Analysis Report
Amadey
SHA256: b5a399c0ea40983abc68b828ccb14efde2db90c047bbfba9ae418317ce7f036d
Analysis Report
AsyncRat
SHA256: 09df870092fdf14100cf041139efcf165933d0d50c6ac8bf06fdf3116f63cfa2
Analysis Report
Sodinokibi
SHA256: 08c2d24cb9c632f9aa84254bb673c9df04d4ac23ee07e840794e9438b06e9bd2
Analysis Report
FickerStealer
SHA256: f009a71cf1050cc8c50a9b1accf3e28f174e75eda5f5ebb4764d90baa443aa9c
Analysis Report
Raccoon Stealer
SHA256: a21b6b2e6336efdfe470806c0d615ede9acacd44ab317ce7e4c59cfb8de1619f
Analysis Report
Diamondfox
SHA256: 95b5d0e36464afc8391a9d056926e5859506ead18937669554bde42f7a6d135b
Analysis Report
XpertRat
SHA256: f8e52fa75724eb08c0ec68db6799740ad36c7178b8f0dd7c8b0ee755ff60c653
Analysis Report
Quasar Rat
SHA256: 1b12a22d5d562b59030df4697c4157a23766d0b34f9bd17a0ca7374e5a53e28c
Analysis Report
IcedID
SHA256: 15b65ccfeced9c5ae3359db9d3a0e68ad0201912b65a0578d5dd7a0f7f7b387d
Analysis Report
Azorult
SHA256: ba5786cfe255f158264fabd0b0cbf90b6f96ddd230a5fe82ca0c551d420f95be
Analysis Report
DarkComet
SHA256: e3532fb1c9e0c23e6e0b556425bceb08953c97883aacfb347789a3d8dd80099d
Analysis Report
GuLoader
SHA256: ec455e6dcab1f953bd685bc9674dbe7e2fbf7afcbef4d731edd9a818048f2227
Analysis Report
Zloader
SHA256: 938f890613dc8526bb828c3de5d5c612b7c13515062fb6ca15f8abc1424f2835
Analysis Report
CyberGate
SHA256: 61c2d5a213f1b68ef98f2800f02697650ccf28eb38ec07635f0bffcdf18a803a
Analysis Report
MassLogger Rat
SHA256: 42b24542fa7aa0e423fe98ae7f4676c3b490d30ef2cbaa68a8ce41ddbe9e4534
Analysis Report
DCRat
SHA256: bf6e3cf654738116a14be298176fc12524154ee51f9a2424fa117ee5b47be53a
Analysis Report
MedusaLocker
SHA256: 4ae110bb89ddcc45bb2c4e980794195ee5eb85b5261799caedef7334f0f57cc4
Analysis Report
Hades Ransomware
SHA256: ea310cc4fd4e8669e014ff417286da5edf2d3bef20abfb0a4f4951afe260d33d
Analysis Report
BlackCat
SHA256: 66f48ee8e668dc77d5a87585f16c870e6232d1340e8cf093f536c5340891936b
Analysis Report
NWorm
SHA256: 8c4477fd5129d549aabcbbcab1950965f7f0e0c934a60043dc7d27e57252868f
Analysis Report
Allcome clipbanker
SHA256: 6ccf16f1d1a495de9f5e7c1b60dd09da612ba2355887ebeb56cc1cacb5d64a5e
Analysis Report
Emotet
SHA256: 7236c54fca0b5d561a4194766f1b47882c7c44670b2a3952e1474cd4b9025214
Analysis Report
XorDDos
SHA256: b242c3eca68edc7c09505570455398cce9b02689287690971762899d1fb2b1a8