File Search Engine
  • Search
  • Syntax
  • Fields
  • API
  • rpms.southbridge.ru · vault_1.13.2_linux_amd64.zip

    /other/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 73f8ffe124bea22154c260d5e254e5f85ef42cec
    SHA256: f7930279de8381de7c532164b4a4408895d9606c0d24e2e9d2f9acb5dfe99b3c
    application/zip
    46.21MB
    2023-06-07 15:59:32 +0000 UTC

  • repoark.ru · vault_1.11.3_linux_amd64.zip

    /packages/

    Russia · Iskratelecom JSC

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 7c68f62e1b00b8f2b8208fa75aa1514a6d75a517
    SHA256: b433413ce524f26abe6292f7fc95f267e809daeacdf7ba92b68dead322f92deb
    application/zip
    70.18MB
    2024-03-26 09:52:04 +0000 UTC

  • rpms.southbridge.ru · vault_1.13.2_linux_amd64.zip

    /other/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 73f8ffe124bea22154c260d5e254e5f85ef42cec
    SHA256: f7930279de8381de7c532164b4a4408895d9606c0d24e2e9d2f9acb5dfe99b3c
    application/zip
    46.21MB
    2023-06-07 15:59:32 +0000 UTC

  • rpms.southbridge.ru · vault_1.13.2_linux_amd64.zip

    /other/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 73f8ffe124bea22154c260d5e254e5f85ef42cec
    SHA256: f7930279de8381de7c532164b4a4408895d9606c0d24e2e9d2f9acb5dfe99b3c
    application/zip
    46.21MB
    2023-06-07 15:59:32 +0000 UTC

  • repoark.ru · vault_1.11.3_linux_amd64.zip

    /packages/

    Russia · Iskratelecom JSC

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 7c68f62e1b00b8f2b8208fa75aa1514a6d75a517
    SHA256: b433413ce524f26abe6292f7fc95f267e809daeacdf7ba92b68dead322f92deb
    application/zip
    70.18MB
    2024-03-26 09:52:04 +0000 UTC

  • pypi.corp.tevian.ru · capesolo-0.4.11.tar.gz

    /packages/00/9f/0db316e5456dd811fcd3a2aa4d1282ed639aa02af2b0f0a69173fd9d70c1/

    Russia · PVimpelCom

    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara HKTL_CobaltStrike_Beacon_Strings From Florian Roth by Elastic
    Yara RAT_adWind From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Adzok From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Ap0calypse From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_BlackShades From Florian Roth by Brian Wallace (@botnet_hunter)
    Yara RAT_BlueBanana From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Bozok From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_ClientMesh From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Yara RAT_DarkComet From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_DarkRAT From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara APT_MAL_Sandworm_Exaramel_Task_Names From Florian Roth by FR/ANSSI/SDO
    Yara MAL_HawkEye_Keylogger_Gen_Dec18 From Florian Roth by Florian Roth (Nextron Systems)
    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Yara RAT_LostDoor From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara power_pe_injection From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara RAT_Paradox From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_QRat From Florian Roth by Kevin Breen @KevTheHermit
    Yara RAT_ShadowTech From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Sub7Nation From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Yara RAT_unrecom From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Vertex From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara WindowsCredentialEditor From Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: eb3f78bfbca21a885ed281b778fb210d969828d5
    SHA256: f834cbd8fb6edcf50542d4c2f699bfb4105325598c7c1caecbc123a1bfa2e487
    application/octet-stream
    4.37MB
    2024-11-15 12:40:34 +0000 UTC

  • packages.clnstrt.dev · external-secrets-fips-0.12.1-r0.apk

    /clnstrt/v3.20/triam/aarch64/

    United States · GOOGLE-CLOUD-PLATFORM

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 4e1396aa064062cbfc58e86038d654edfd400eb1
    SHA256: 4a6d680c1ccd0ff09d500ace0fe857c389b764e498b1682177cf1407fbd1e0f0
    application/octet-stream
    30.60MB
    2025-03-06 15:01:51 +0000 UTC

  • packages.clnstrt.dev · external-secrets-0.12.1-r0.apk

    /clnstrt/v3.20/triam/aarch64/

    United States · GOOGLE-CLOUD-PLATFORM

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 5ca88860ae7ab3cb11ec1d2b0bf19fedf3c384fb
    SHA256: 164851b34205e91d880297b4e9cb0cccef092fd82ba6bb3f170bca41e15d05c2
    application/octet-stream
    30.57MB
    2025-03-06 15:01:51 +0000 UTC

  • mirror.as59645.net · vault-1.10.7-r0.apk

    /alpine/v3.16/community/aarch64/

    Germany · Tobias Fiebig

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 4099f5d3ebe76014aa4b77e446680b7208f13b9b
    SHA256: 4777db69cd335d949a538761172aeb7ebf489a4180b6056d7982f283a6a885cc
    application/octet-stream
    31.73MB
    2022-10-14 11:49:43 +0000 UTC

  • rpms.southbridge.ru · vault_1.13.2_linux_amd64.zip

    /other/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 73f8ffe124bea22154c260d5e254e5f85ef42cec
    SHA256: f7930279de8381de7c532164b4a4408895d9606c0d24e2e9d2f9acb5dfe99b3c
    application/zip
    46.21MB
    2023-06-07 15:59:32 +0000 UTC

  • repoark.ru · vault_1.11.3_linux_amd64.zip

    /packages/

    Russia · Iskratelecom JSC

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 7c68f62e1b00b8f2b8208fa75aa1514a6d75a517
    SHA256: b433413ce524f26abe6292f7fc95f267e809daeacdf7ba92b68dead322f92deb
    application/zip
    70.18MB
    2024-03-26 09:52:04 +0000 UTC

  • mirror.wildberries.ru · vault-1.10.7-r0.apk

    /alpine/v3.16/community/x86_64/

    Russia · LLC Wildberries

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 286ac0a85b6c668f072f08f5e7405d3c95fd6ca5
    SHA256: 9c3afd23740f95a013e063aef690845c52d93bda7f0c00c5720386d5600d39b2
    text/plain
    34.79MB
    2022-10-14 11:49:39 +0000 UTC

  • mirror.wildberries.ru · vault-1.9.6-r1.apk

    /alpine/v3.15/community/x86_64/

    Russia · LLC Wildberries

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 3ffcd91409495955c9839ecac73a3bd8e70b56a9
    SHA256: 0d6f3c4ce837b2f2396bc4791a0e83a15768f0a7476922cc29ea194137b8a702
    text/plain
    33.99MB
    2022-05-12 08:23:46 +0000 UTC

  • pypi.corp.tevian.ru · capesolo-0.4.11.tar.gz

    /packages/00/9f/0db316e5456dd811fcd3a2aa4d1282ed639aa02af2b0f0a69173fd9d70c1/

    Russia · PVimpelCom

    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara HKTL_CobaltStrike_Beacon_Strings From Florian Roth by Elastic
    Yara RAT_adWind From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Adzok From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Ap0calypse From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_BlackShades From Florian Roth by Brian Wallace (@botnet_hunter)
    Yara RAT_BlueBanana From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Bozok From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_ClientMesh From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Yara RAT_DarkComet From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_DarkRAT From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara APT_MAL_Sandworm_Exaramel_Task_Names From Florian Roth by FR/ANSSI/SDO
    Yara MAL_HawkEye_Keylogger_Gen_Dec18 From Florian Roth by Florian Roth (Nextron Systems)
    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Yara RAT_LostDoor From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara power_pe_injection From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara RAT_Paradox From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_QRat From Florian Roth by Kevin Breen @KevTheHermit
    Yara RAT_ShadowTech From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Sub7Nation From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Yara RAT_unrecom From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara RAT_Vertex From Florian Roth by Kevin Breen <kevin@techanarchy.net>
    Yara WindowsCredentialEditor From Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: eb3f78bfbca21a885ed281b778fb210d969828d5
    SHA256: f834cbd8fb6edcf50542d4c2f699bfb4105325598c7c1caecbc123a1bfa2e487
    application/octet-stream
    4.37MB
    2024-11-15 12:40:34 +0000 UTC

  • mirror.guillaumea.fr · vault-1.13.5-r3.apk

    /alpine/v3.18/community/aarch64/

    Singapore · Singtel Fibre Broadband

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: beff3e4552076d37933c17aced78ff39957d5d2c
    SHA256: 267b1f353b96e384bd6f29e408c35045fd1d81754a6465f052edd119b4fd28b0
    application/octet-stream
    45.62MB
    2023-11-18 00:02:25 +0000 UTC

  • rpms.southbridge.ru · vault_1.13.2_linux_amd64.zip

    /other/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 73f8ffe124bea22154c260d5e254e5f85ef42cec
    SHA256: f7930279de8381de7c532164b4a4408895d9606c0d24e2e9d2f9acb5dfe99b3c
    application/zip
    46.21MB
    2023-06-07 15:59:32 +0000 UTC

  • rpms.southbridge.ru · vault_1.13.2_linux_amd64.zip

    /other/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 73f8ffe124bea22154c260d5e254e5f85ef42cec
    SHA256: f7930279de8381de7c532164b4a4408895d9606c0d24e2e9d2f9acb5dfe99b3c
    application/zip
    46.21MB
    2023-06-07 15:59:32 +0000 UTC

  • mirror.guillaumea.fr · vault-1.13.5-r3.apk

    /alpine/v3.18/community/aarch64/

    Singapore · Singtel Fibre Broadband

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: beff3e4552076d37933c17aced78ff39957d5d2c
    SHA256: 267b1f353b96e384bd6f29e408c35045fd1d81754a6465f052edd119b4fd28b0
    application/octet-stream
    45.62MB
    2023-11-18 00:02:25 +0000 UTC

  • mirror.selectel.uz · fleet-server-8.9.2-windows-x86_64.zip

    /3rd-party/elastic-artifacts/fleet-server/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 54a70eae1c9c0f677917baab151d5eed597b5ef2
    SHA256: 522b3279808d4dd9850548a2e4f63718c2b8cc2b3dc52097c7a5254da9630cc9
    application/zip
    9.40MB
    2024-05-29 13:04:34 +0000 UTC

  • mirror.selectel.uz · fleet-server-8.9.2-linux-x86_64.tar.gz

    /3rd-party/elastic-artifacts/fleet-server/

    Russia · JSC Selectel

    Yara RAT_JavaDropper From Florian Roth by Kevin Breen <kevin@techanarchy.net> (slightly modified by Florian Roth to improve performance)
    Download archived sample
    The password is "infected"

    SHA1: 613293717472698e1d1fb6337a926677ef6ddf58
    SHA256: b706cb6ed8e7f54cdc4ab17d3cf6d1330400d98bd68c3f1c10244884157d2024
    application/octet-stream
    9.73MB
    2023-09-06 23:22:04 +0000 UTC