File Search Engine
  • Search
  • Syntax
  • Fields
  • API
  • allthethings.ddns.net · virussign.com_20250613_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs
    Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara Cobaltbaltstrike_RAW_Payload_https_stager_x64 From Florian Roth by Avast Threat Intel Team
    Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: d4b000c83cccbd0d818a991f3b87343ecfee3d06
    SHA256: bbbdbeb5d508149f6c9d853a340485442584063fd5a79398d800ddd874d4d913
    application/zip
    49.69MB
    2025-06-13 16:05:26 +0000 UTC

  • 5.45.102.182 · virussign.com_20250613_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs
    Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara Cobaltbaltstrike_RAW_Payload_https_stager_x64 From Florian Roth by Avast Threat Intel Team
    Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: d4b000c83cccbd0d818a991f3b87343ecfee3d06
    SHA256: bbbdbeb5d508149f6c9d853a340485442584063fd5a79398d800ddd874d4d913
    application/zip
    49.69MB
    2025-06-13 16:05:26 +0000 UTC

  • 5.45.102.182 · virussign.com_20250613_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs
    Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara Cobaltbaltstrike_RAW_Payload_https_stager_x64 From Florian Roth by Avast Threat Intel Team
    Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: d4b000c83cccbd0d818a991f3b87343ecfee3d06
    SHA256: bbbdbeb5d508149f6c9d853a340485442584063fd5a79398d800ddd874d4d913
    application/zip
    49.69MB
    2025-06-13 16:05:26 +0000 UTC