allthethings.ddns.net · virussign.com_20250608_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen

Yara Hunting_Rule_ShikataGaNai From Florian Roth by Steven Miller

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen

Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Download archived sample

The password is "infected"

allthethings.ddns.net · virussign.com_20250619_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara Disable_Defender From AbuseCH by iam-py-test

Download archived sample

The password is "infected"

allthethings.ddns.net · virussign.com_20250602_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth

Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)

Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen

Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen

Download archived sample

The password is "infected"

allthethings.ddns.net · virussign.com_20250608_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen

Yara Hunting_Rule_ShikataGaNai From Florian Roth by Steven Miller

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen

Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Download archived sample

The password is "infected"

allthethings.ddns.net · virussign.com_20250602_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth

Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)

Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen

Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen

Download archived sample

The password is "infected"

5.45.102.182 · virussign.com_20250619_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara Disable_Defender From AbuseCH by iam-py-test

Download archived sample

The password is "infected"

5.45.102.182 · virussign.com_20250608_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen

Yara Hunting_Rule_ShikataGaNai From Florian Roth by Steven Miller

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen

Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Download archived sample

The password is "infected"

5.45.102.182 · virussign.com_20250602_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth

Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)

Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen

Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen

Download archived sample

The password is "infected"

5.45.102.182 · virussign.com_20250619_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara Disable_Defender From AbuseCH by iam-py-test

Download archived sample

The password is "infected"

5.45.102.182 · virussign.com_20250608_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_VMProtect From AlienVault by ditekSHen

Yara Hunting_Rule_ShikataGaNai From Florian Roth by Steven Miller

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_ASPack From AlienVault by ditekSHen

Yara SUSP_XORed_Mozilla From Florian Roth by Florian Roth (Nextron Systems)

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Download archived sample

The password is "infected"

5.45.102.182 · virussign.com_20250602_LimitedFree.zip

/samples/virussign/

Germany · netcup GmbH

Yara Win32_PUA_Domaiq From ReversingLabs by ReversingLabs

Yara INDICATOR_EXE_Packed_UPolyX From AlienVault by ditekSHen

Yara Unspecified_Malware_Oct16_A From Florian Roth by Florian Roth (Nextron Systems)

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara PUP_InstallRex_AntiFWb From Florian Roth by Florian Roth (Nextron Systems)

Yara SUSP_XORed_MSDOS_Stub_Message From Florian Roth by Florian Roth

Yara SUSP_Imphash_Mar23_2 From Florian Roth by Arnim Rupp (https://github.com/ruppde)

Yara INDICATOR_EXE_Packed_MPress From AlienVault by ditekSHen

Yara INDICATOR_EXE_Packed_SmartAssembly From AlienVault by ditekSHen

Download archived sample

The password is "infected"

pypi.hadiko.de · workbench-0.3.2.tar.gz

/packages/0c/4e/6d3ad2534e60fad14d8f837c2c1a3f1657f2b4aff8a589b3519c2a448dc3/

Germany · Universitaet Stuttgart

Yara INDICATOR_EXE_Packed_SimplePolyEngine From AlienVault by ditekSHen

Yara INDICATOR_EXE_Packed_eXPressor From AlienVault by ditekSHen

Yara INDICATOR_EXE_Packed_RLPack From AlienVault by ditekSHen

Yara RAT_Ap0calypse From Florian Roth by Kevin Breen <kevin@techanarchy.net>

Yara RAT_DarkRAT From Florian Roth by Kevin Breen <kevin@techanarchy.net>

Download archived sample

The password is "infected"