File Search Engine
  • Search
  • Syntax
  • Fields
  • API
  • dllcodacker.ir · TheFatRat.zip

    //tools/

    Iran · NOAVARAN SHABAKEH SABZ MEHREGAN (Ltd.)

    Yara Suspicious_PowerShell_WebDownload_1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_PowerShell_IEX_Download_Combo From Florian Roth by Florian Roth (Nextron Systems)
    Yara Cobaltbaltstrike_Payload_Encoded From Florian Roth by Avast Threat Intel Team
    Yara Empire_PowerShell_Framework_Gen4 From Florian Roth by Florian Roth (Nextron Systems)
    Yara SUSP_shellpop_Bash From Florian Roth by Tobias Michalski
    Yara Empire_PowerShell_Framework_Gen1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara APT_APT29_Win_FlipFlop_LDR From Florian Roth by threatintel@volexity.com
    Yara CobaltStrike_Unmodifed_Beacon From Florian Roth by yara@s3c.za.net
    Yara Empire_Invoke_MetasploitPayload From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Invoke_ShellcodeMSIL From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Invoke_DllInjection From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Install_SSP From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Get_SecurityPackages From Florian Roth by Florian Roth (Nextron Systems)
    Yara Mimikatz_Memory_Rule_1 From Florian Roth by Florian Roth
    Yara Empire_Invoke_Portscan_Gen From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Invoke_SMBAutoBrute From Florian Roth by Florian Roth (Nextron Systems)
    Yara Invoke_SMBExec_Invoke_WMIExec_1 From Florian Roth by Florian Roth (Nextron Systems)
    Yara TA17_293A_malware_1 From Florian Roth by US-CERT Code Analysis Team (modified by Florian Roth)
    Yara Empire_Invoke_SSHCommand From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Invoke_PsExec From Florian Roth by Florian Roth (Nextron Systems)
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Get_GPPPassword From Florian Roth by Florian Roth (Nextron Systems)
    Yara p0wnedPotato From Florian Roth by Florian Roth (Nextron Systems)
    Yara NTLM_Dump_Output From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_dumpCredStore From Florian Roth by Florian Roth (Nextron Systems)
    Yara HKTL_PS1_PowerCat_Mar21 From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_KeePassConfig From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Get_Keystrokes From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Out_Minidump From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Exploit_JBoss From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Exploit_Jenkins From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Invoke_PostExfil From Florian Roth by Florian Roth (Nextron Systems)
    Yara Empire_Invoke_EgressCheck From Florian Roth by Florian Roth (Nextron Systems)
    Yara HKTL_NET_GUID_UnmanagedPowerShell From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara SUSP_NET_NAME_ConfuserEx From Florian Roth by Arnim Rupp
    Yara Disable_Defender From AbuseCH by iam-py-test
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)

    SHA1: b6232e9e30b76932e1d4e88f40889b040f19d5b8
    SHA256: d1c3f8766bf523a6e0ffa23c663b2bd486e27d85abd02a1d410ad603eb6683c7
    application/zip
    1.35GB
    2025-10-09 10:30:36 +0000 UTC

  • parrot.elhacker.net · koadic_0~git20210412.orig.tar.gz

    /pool/main/k/koadic/

    Spain · Adamo Telecom Iberia S.A.

    Yara Mimikatz_Memory_Rule_1 From Florian Roth by Florian Roth
    Yara ReflectiveLoader From Florian Roth by Florian Roth (Nextron Systems)
    Yara Base64_encoded_Executable From Florian Roth by Florian Roth (Nextron Systems)
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara HKTL_Keyword_InjectDLL From Florian Roth by Florian Roth (Nextron Systems)
    Download archived sample
    The password is "infected"

    SHA1: f13c7a63aa4e7cc1a2974f8473efc7ed08014872
    SHA256: 053e8fd7204c5fd6b3562b4372fc38029a4beb027c02ac3298c48ce7a0945002
    application/x-gzip
    4.16MB
    2023-11-30 05:41:32 +0000 UTC

  • mirrors.3winfra.com · pypykatz-pyc-0.6.11-r1.apk

    /alpine/edge/testing/aarch64/

    The Netherlands · xTom GmbH

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 2b16ac57d5af903ffea02a463bd599863fc27eec
    SHA256: 3d8e1fef32fd90267154a74fcdc5f3da0ec71f2ec2dbd9fd858deeedee3b8bcb
    application/octet-stream
    721.12KB
    2025-05-29 12:00:14 +0000 UTC

  • 93.115.21.186 · mimikatz.exe

    /x64/

    The Netherlands · MVPS LTD

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: e3b6ea8c46fa831cec6f235a5cf48b38a4ae8d69
    SHA256: 61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1
    application/x-msdos-program
    1.29MB
    2022-09-19 16:44:40 +0000 UTC

  • 93.115.21.186 · mimikatz_trunk.zip

    /

    The Netherlands · MVPS LTD

    Yara power_pe_injection From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara HackTool_Producers From Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: 4112ef95386ea4d1131be7c600d49a310e9d8f5b
    SHA256: 7accd179e8a6b2fc907e7e8d087c52a7f48084852724b03d25bebcada1acbca5
    application/zip
    1.15MB
    2022-09-19 15:54:21 +0000 UTC

  • 93.115.21.186 · mimikatz.exe

    /mimikatz/x64/

    The Netherlands · MVPS LTD

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: e3b6ea8c46fa831cec6f235a5cf48b38a4ae8d69
    SHA256: 61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1
    application/x-msdos-program
    1.29MB
    2022-09-19 16:44:40 +0000 UTC

  • 93.115.21.186 · mimikatz.exe

    /mimikatz/Win32/

    The Netherlands · MVPS LTD

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 93ed68c7e5096d936115854954135d110648e739
    SHA256: 94795fd89366e01bd6ce6471ff27c3782e2e16377a848426cf0b2e6baee9449b
    application/x-msdos-program
    1.03MB
    2022-09-19 16:43:56 +0000 UTC

  • 93.115.21.186 · mimikatz.zip

    /

    The Netherlands · MVPS LTD

    Yara power_pe_injection From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Yara HackTool_Producers From Florian Roth
    Download archived sample
    The password is "infected"

    SHA1: 4112ef95386ea4d1131be7c600d49a310e9d8f5b
    SHA256: 7accd179e8a6b2fc907e7e8d087c52a7f48084852724b03d25bebcada1acbca5
    application/zip
    1.15MB
    2022-09-19 15:54:21 +0000 UTC

  • 93.115.21.186 · mimikatz.exe

    /

    The Netherlands · MVPS LTD

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: e3b6ea8c46fa831cec6f235a5cf48b38a4ae8d69
    SHA256: 61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1
    application/x-msdos-program
    1.29MB
    2025-06-20 21:29:48 +0000 UTC

  • 93.115.21.186 · mimikatz.exe

    /Win32/

    The Netherlands · MVPS LTD

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 93ed68c7e5096d936115854954135d110648e739
    SHA256: 94795fd89366e01bd6ce6471ff27c3782e2e16377a848426cf0b2e6baee9449b
    application/x-msdos-program
    1.03MB
    2022-09-19 16:43:56 +0000 UTC

  • anna.lysator.liu.se · pypykatz-pyc-0.6.10-r0.apk

    /pub/alpine/edge/testing/loongarch64/

    Sweden · Vetenskapsradet / SUNET

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 007d0e793cc8b84619c25b61d3886dc2cccaf64a
    SHA256: 11a97292ca2b31c3ff6656b52e44aa7cfdbebda27b1dc3b944fcaf32beccf1fd
    application/vnd.android.package-archive
    705.96KB
    2024-10-25 20:49:06 +0000 UTC

  • mirror.freedif.org · silenttrinity_0.4.6dev~20200310.orig.tar.gz

    /kali/pool/main/s/silenttrinity/

    Singapore · MyRepublic Ltd.

    Yara HKTL_NET_GUID_Internal_Monologue From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara INDICATOR_EXE_Packed_ConfuserEx From AlienVault by ditekSHen
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 245a59c208a44745b45a82ae3063726fc3916766
    SHA256: af8c0b18b2339183d8bb6450b163a61e9f58d12ebbc0ae8eb58e2442e34a60bc
    application/x-gzip
    1.79MB
    2020-04-16 14:19:20 +0000 UTC

  • mirror.freedif.org · silenttrinity_0.4.6dev~20200310.orig.tar.gz

    /kali/pool/main/s/silenttrinity/

    Singapore · MyRepublic Ltd.

    Yara HKTL_NET_GUID_Internal_Monologue From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara INDICATOR_EXE_Packed_ConfuserEx From AlienVault by ditekSHen
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 245a59c208a44745b45a82ae3063726fc3916766
    SHA256: af8c0b18b2339183d8bb6450b163a61e9f58d12ebbc0ae8eb58e2442e34a60bc
    application/x-gzip
    1.79MB
    2020-04-16 14:19:20 +0000 UTC

  • mirror.freedif.org · silenttrinity_0.4.6dev~20200310+git20211029.1.cd9416d.orig.tar.gz

    /kali/pool/main/s/silenttrinity/

    Singapore · MyRepublic Ltd.

    Yara HKTL_NET_GUID_Internal_Monologue From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara INDICATOR_EXE_Packed_ConfuserEx From AlienVault by ditekSHen
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 9e0aa9ff28cee85111b5ead7005d8ad1dcd1467c
    SHA256: 47001ac061bf742af62f568348330b4d39beac367dd7e9739003014c3b7a7bca
    application/x-gzip
    1.79MB
    2022-12-14 07:18:45 +0000 UTC

  • mirror.freedif.org · silenttrinity_0.4.6dev~20200310+git20211029.1.cd9416d.orig.tar.gz

    /kali/pool/main/s/silenttrinity/

    Singapore · MyRepublic Ltd.

    Yara HKTL_NET_GUID_Internal_Monologue From Florian Roth by Arnim Rupp (https://github.com/ruppde)
    Yara INDICATOR_EXE_Packed_ConfuserEx From AlienVault by ditekSHen
    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 9e0aa9ff28cee85111b5ead7005d8ad1dcd1467c
    SHA256: 47001ac061bf742af62f568348330b4d39beac367dd7e9739003014c3b7a7bca
    application/x-gzip
    1.79MB
    2022-12-14 07:18:45 +0000 UTC

  • mirrors.3winfra.com · pypykatz-pyc-0.6.10-r0.apk

    /alpine/edge/testing/riscv64/

    The Netherlands · xTom GmbH

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 39148cb3865a3b6fb9a08f35886669d100290591
    SHA256: 27ddc52b5c0142d329297d13927844d81f3ceb8e39bebdbb2e7f755a9adcd16a
    application/octet-stream
    707.43KB
    2024-08-08 21:31:20 +0000 UTC

  • mirrors.3winfra.com · pypykatz-pyc-0.6.10-r0.apk

    /alpine/edge/testing/ppc64le/

    The Netherlands · xTom GmbH

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 726fb7f28dcf866afa2432a34f8aa6a360fedbe2
    SHA256: 146564175299b87f05d73dc2e7303c7ca87434cd431cef578be404e018622974
    application/octet-stream
    707.43KB
    2024-10-25 20:54:30 +0000 UTC

  • mirrors.3winfra.com · pypykatz-pyc-0.6.10-r0.apk

    /alpine/edge/testing/loongarch64/

    The Netherlands · xTom GmbH

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: 007d0e793cc8b84619c25b61d3886dc2cccaf64a
    SHA256: 11a97292ca2b31c3ff6656b52e44aa7cfdbebda27b1dc3b944fcaf32beccf1fd
    application/octet-stream
    705.96KB
    2024-10-25 20:49:06 +0000 UTC

  • mirrors.3winfra.com · pypykatz-pyc-0.6.10-r0.apk

    /alpine/edge/testing/armv7/

    The Netherlands · xTom GmbH

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: e608df3cd5d8f3bec5acb3f8535eb2add8463222
    SHA256: b2356785d12a7ec6524b73af6b7652b4bdbfa3059acb821a64100401524be1d6
    application/octet-stream
    707.69KB
    2024-10-25 19:08:19 +0000 UTC

  • mirrors.3winfra.com · pypykatz-pyc-0.6.10-r0.apk

    /alpine/edge/testing/armhf/

    The Netherlands · xTom GmbH

    Yara mimikatz From Florian Roth by Benjamin DELPY (gentilkiwi)
    Download archived sample
    The password is "infected"

    SHA1: d9646ca5ed61e8e3c607b0eeef2f03ebebd55e4e
    SHA256: 797cc6b8311c2ef0bcfbc7d32dced1fa51baa1aed8abdd5b77d432c2afc6284f
    application/octet-stream
    707.69KB
    2024-10-25 20:07:12 +0000 UTC