File Search Engine
  • Search
  • Syntax
  • Fields
  • API
  • 5.45.102.182 · virussign.com_20250623_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_ConfuserEx From AlienVault by ditekSHen
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 35d2e6582c30ae7d18a900979fe4d9ef621a7e25
    SHA256: b6c05ccd734934621c540937247fdd95c333ee685719595b6c910819fea6ef08
    application/zip
    20.21MB
    2025-06-23 16:05:19 +0000 UTC

  • 5.45.102.182 · virussign.com_20250620_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara Suspicious_PowerShell_WebDownload_1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 890681e6518609d7ecf2d4fbdd88bd34133f5e05
    SHA256: 32a6a11394d5d4f22adc367043d40f2054a9be3379cabda1fcd1614c54a3e435
    application/zip
    23.72MB
    2025-06-20 16:05:21 +0000 UTC

  • 5.45.102.182 · virussign.com_20250611_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: c8dd02528aaa4f2b2489e053b95acf7703b77a50
    SHA256: 022613a0e2838dc693feed2ee2d7bcb2f8d0033a36f615f499cfc0396efcc959
    application/zip
    39.71MB
    2025-06-11 16:05:27 +0000 UTC

  • 5.45.102.182 · virussign.com_20250607_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 190f5d211a6ac4dcb2230e2b2cbbade3b1dd41ef
    SHA256: a1335296f7be88ede5f375ccbdafec0ea381a1b11a476039d910f3a2108f92fb
    application/zip
    20.38MB
    2025-06-07 16:05:20 +0000 UTC

  • 5.45.102.182 · virussign.com_20250605_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara Typical_Malware_String_Transforms From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: 4b32c974690387bcdcdc7a975e2ddbef1c28f556
    SHA256: 4fcc38c844693ffa99b2bc51508fb8b92224704c88d8734628f4c1159d77fc1a
    application/zip
    20.08MB
    2025-06-05 16:05:20 +0000 UTC

  • 5.45.102.182 · virussign.com_20250602_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs
    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen
    Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth
    Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 00925122515312713ff5b182a92ecaa8fe340fa3
    SHA256: 9ce8e9e1d506218a990ad50aa419df91c3ef51885d77bf451cb2360266ae9a98
    application/zip
    26.13MB
    2025-06-02 16:05:22 +0000 UTC

  • 5.45.102.182 · virussign.com_20250531_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs
    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_Goliath From AlienVault by ditekSHen
    Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth
    Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: ab9808fa36eceb0c72e23553238110756851f06a
    SHA256: ae53e9ebcdbb08b623346777007d34a69c40a904969067613b9d0456e8ffa8cd
    application/zip
    45.31MB
    2025-05-31 16:05:23 +0000 UTC

  • 5.45.102.182 · virussign.com_20250525_LimitedFree.zip

    /samples/virussign/

    Germany · netcup GmbH

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen
    Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)
    Yara INDICATOR_EXE_Packed_eXPressor From AlienVault by ditekSHen
    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara APT_NK_Methodology_Artificial_UserAgent_IE_Win7 From Florian Roth by Steve Miller aka @stvemillertime
    Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs
    Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: 8d77fcda74b48347c40fddc3d699665334e0e9f8
    SHA256: 654179176a9af1a55c3b1edab9e2ba13966c471483dd568fba3b161e5c3e633e
    application/zip
    22.69MB
    2025-05-25 16:05:23 +0000 UTC

  • 212.32.229.100 · adobe.snr.patch.v2.0-painter.exe

    /dboxmedia/Adobe Acrobat Pro DC 2017.009.20044 [GTActiveTeam]/3. Universal Adobe Patcher 2.0/

    The Netherlands · LeaseWeb Netherlands B.V.

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 7d0d2b434b51abe91e5b16e4c8dc8d26143b138c
    SHA256: 256c2a409c97448d168f3eb1bfb89af3d259dfc05a510a3f464d8e4b348116d4
    application/x-msdos-program
    587.50KB
    2019-05-13 18:12:35 +0000 UTC

  • 220.70.6.110 · recoverit.exe

    /파일썬자료/드라마/Wondershare Recoverit v9.0.6.20 + Fix {CracksHash}/Crack/Crack Fix/

    South Korea · Korea Telecom

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: ca183cb97215712d7b42cf3273cbf6ec3324f635
    SHA256: 010e3c4e6b08168d5135a541e55734d641556f98c5240e1b979878e221d8f1d6
    application/x-msdos-program
    3.22MB
    2023-11-19 03:04:35 +0000 UTC

  • install.rootshark.dev · DrvIndex_x32.exe

    /WPI/BELOFF_2O24.O7/SSTR/DriverPacks/MassStorage/

    · CLOUDFLARENET

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 3e439a720598228e9a4d9bd71da7abb43c85d342
    SHA256: f2f21a62eea45ca0d8681da092bef37e09e10ffc507071503e2649a2a734ff3e
    application/octet-stream
    1.37MB
    2024-07-20 18:00:00 +0000 UTC

  • fs.scsigma.ru · UPKeyX-10.0.3.144-331.exe

    /1С Дистрибутив/Конфигурации/Автосалон/AutoSalon6_6_1_07_21_setup/Protect/Drivers/

    Russia · Novotelecom Ltd

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 6e6a20b4004abafcc5bab7fc2f3cfd343965d9ec
    SHA256: 1bcb517aaffb22a90ffebec8a63116f9a90ad0adb29d7f495101c2b89479dbf1
    application/x-msdownload
    3.80MB
    2013-10-10 08:57:38 +0000 UTC

  • fs.scsigma.ru · UPKeyX-10.0.3.144-331.exe

    /1С Дистрибутив/Конфигурации/Автосалон/AutoSalon6_6_1_07_21_setup/Protect/Drivers/

    Russia · Novotelecom Ltd

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 6e6a20b4004abafcc5bab7fc2f3cfd343965d9ec
    SHA256: 1bcb517aaffb22a90ffebec8a63116f9a90ad0adb29d7f495101c2b89479dbf1
    application/x-msdownload
    3.80MB
    2013-10-10 08:57:38 +0000 UTC

  • descargas.nebrimatica.com · SoftPerfect-Network-Scanner-64bits.exe

    /

    Spain · Tecnocratica Centro de Datos, S.L.

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: 07251e80ed033fdaf507ed215beb43baa71a112d
    SHA256: fd97ee3b59734e2cd3cc5c6fcfc51a6cdd9ad0592c6f40752f67f56d21e4f0c0
    application/x-msdos-program
    1.14MB
    2019-06-12 06:23:08 +0000 UTC

  • descargas.nebrimatica.com · SoftPerfect-Network-Scanner-32bits.exe

    /

    Spain · Tecnocratica Centro de Datos, S.L.

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: f3f179a3199cd30424462319b9382f97a867805a
    SHA256: f4e52e057baaf742b553a6f92cac1941fbfd97ac8cd2cd624060ca017fa5bdd6
    application/x-msdos-program
    918.05KB
    2019-06-12 06:23:06 +0000 UTC

  • files.zelenak.tech · stinger64.exe

    /sl_tools/av/

    United States · AS-VULTR

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: bfd1ca78bcd39ad4dddec4da06b5f47d51a51c3b
    SHA256: a502c8d749cc4dc44becc30f24b3c6c26e938be3518ac935be6c3c1355d259bf
    application/octet-stream
    46.96MB
    2025-04-24 14:50:18 +0000 UTC

  • files.zelenak.io · stinger64.exe

    /sl_tools/av/

    United States · AS-VULTR

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: bfd1ca78bcd39ad4dddec4da06b5f47d51a51c3b
    SHA256: a502c8d749cc4dc44becc30f24b3c6c26e938be3518ac935be6c3c1355d259bf
    application/octet-stream
    46.96MB
    2025-04-24 14:50:18 +0000 UTC

  • files.gamefilearchive.com · Ignition Windows Patch r1.zip

    /misc/ignition/

    United Kingdom · Akamai Connected Cloud

    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Download archived sample
    The password is "infected"

    SHA1: a27f1c31edf3b2b6371db9d6f7fac09bbfecf7ea
    SHA256: 1f4673b1da836b801c40680140543c5835ea301b5944c552fd9db559b4a592ec
    application/zip
    6.46MB
    2017-12-26 17:43:21 +0000 UTC

  • www.utils.avantlab.com · utils.zip

    /

    Switzerland · cyon GmbH

    Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: 4c6cd1e4a13838f864e76b6664fa687cd80ab1b7
    SHA256: 91313a5c514608f43b375bd1c1bfb1250fe594096276c422c00f987875a76f4f
    application/zip
    138.48MB
    2021-01-05 22:09:37 +0000 UTC

  • utils.avantlab.com · utils.zip

    /

    Switzerland · cyon GmbH

    Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen
    Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen
    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)

    SHA1: 5652337bf34249eaf8f213c84844fe06ca8b2a2c
    SHA256: 46f810045f351d8b77034f3b55c2655af5f3335d63c42981163389884aedbad8
    application/zip
    138.48MB
    2021-01-05 22:09:37 +0000 UTC