Malware Families

Enter keywords to filter the families below

Common Name	Alternative Names	Name	Actors	Last Updated
ScoringMathTea	[]	win.scoring_math_tea	['Lazarus Group']	2025-11-19
NikiTeaR	[]	win.nikitear	['Kimsuky']	2025-11-19
Vidar	[]	win.vidar	[]	2025-11-19
Pureland	[]	osx.pureland	[]	2025-11-19
KeySteal	[]	osx.keysteal	[]	2025-11-19
EggShell RAT	[]	osx.eggshell_rat	[]	2025-11-19
CloudMensis	['BadRAT']	osx.cloud_mensis	[]	2025-11-19
AMOS	['Atomic macOS Stealer']	osx.amos	[]	2025-11-19
Poseidon Stealer	['Rodrigo Stealer']	osx.poseidonstealer	[]	2025-11-19
Odyssey Stealer	[]	osx.odyssey_stealer	[]	2025-11-19
ComeBacker	[]	win.comebacker	['Lazarus Group']	2025-11-19
Phantom Stealer	[]	win.phantom_stealer	[]	2025-11-19
Warp Stealer	[]	win.warp_stealer	[]	2025-11-19
DRATzarus	['ThreatNeedle', 'ThreatNeedleTea']	win.dratzarus	['Lazarus Group']	2025-11-19
DragonBreath	[]	win.dragonbreath	[]	2025-11-18
NikiHTTP	[]	win.nikihttp	['Kimsuky']	2025-10-28
RONINGLOADER	[]	win.roningloader	[]	2025-11-18
Abyss Locker	['elf.hellokitty']	elf.abyss	[]	2025-03-10
Supper	['SocksShell', 'ZAPCAT']	win.supper	['Vanilla Tempest']	2025-11-11
GodRAT	[]	win.godrat	['APT41']	2025-11-18
TsunamiKit	[]	win.tsunamikit	['WageMole']	2025-11-17
Beavertail	[]	win.beavertail	['WageMole']	2025-11-17
InvisibleFerret	[]	py.invisibleferret	['WageMole']	2025-11-17
OtterCookie	[]	js.otter_cookie	['WageMole']	2025-11-17
BeaverTail	[]	js.beavertail	['WageMole']	2025-11-17
VIP Keylogger	[]	win.vipkeylogger	[]	2025-11-17
PXA Stealer	['PXAStealer', 'PXA']	py.pxa_stealer	[]	2025-11-17
TAMECAT	[]	vbs.tamecat	['APT42']	2025-11-14
SilentSweeper	[]	win.silent_sweeper	[]	2025-11-13
Laplas (Reverseshell)	[]	win.laplas_shell	[]	2025-11-13
Shadow RAT	[]	win.shadow_rat	[]	2025-11-13
FINALDRAFT	[]	win.finaldraft	[]	2025-11-13
RAILSETTER	[]	win.railsetter	[]	2025-11-13
Godzilla Webshell	[]	jsp.godzilla_webshell	[]	2025-11-13
Unidentified 093 (Sidewinder)	[]	win.unidentified_093	['RAZOR TIGER']	2025-11-13
RunForestRun	['Blackhole', 'Sutra']	js.runforestrun	[]	2025-11-13
GootKit	['Waldek', 'Xswkit', 'talalpek']	win.gootkit	[]	2025-11-13
PureRAT	['PureHVNC', 'ResolverRAT']	win.pure_rat	[]	2025-11-13
Pterois	[]	win.pterois	['Swan Vector']	2025-11-13
Cobalt Strike	['Agentemis', 'BEACON', 'CobaltStrike', 'cobeacon']	win.cobalt_strike	['APT 29', 'APT29', 'APT32', 'APT41', 'AQUATIC PANDA', 'Anunak', 'Cobalt', 'Codoso', 'CopyKittens', 'DarkHydrus', 'Earth Baxia', 'FIN6', 'FIN7', 'Leviathan', 'Mustang Panda', 'Shell Crew', 'Stone Panda', 'TianWu', 'UNC1878', 'UNC2452', 'Winnti Umbrella']	2025-11-13
Meterpreter	[]	win.meterpreter	[]	2025-11-13
Unidentified PS 005 (Telegram Bot)	[]	ps1.unidentified_005	['YoroTrooper']	2025-11-13
Sliver	[]	win.sliver	[]	2025-11-13
Havoc	['Havokiz']	win.havoc	[]	2025-11-13
FULLMETAL	[]	win.fullmetal	[]	2025-11-13
Quasar RAT	['CinaRAT', 'QuasarRAT', 'Yggdrasil']	win.quasar_rat	['APT33', 'Dropping Elephant', 'Stone Panda', 'The Gorgon Group']	2025-11-12
Remcos	['RemcosRAT', 'Remvio', 'Socmer']	win.remcos	['APT33', 'The Gorgon Group', 'UAC-0050']	2025-11-12
GootLoader	['SLOWPOUR']	js.gootloader	['Storm-0249']	2025-11-11
MAYBEROBOT	['', 'SIMPLEFIX']	win.mayberobot	['Callisto']	2025-11-10
FudModule	['LIGHTSHOW']	win.fudmodule	['Lazarus Group']	2025-11-10
LANDFALL	[]	apk.landfall	[]	2025-11-09
BlackCat	['ALPHV', 'Noberus']	win.blackcat	['Alpha Spider', 'RansomHub', 'Vanilla Tempest']	2025-11-09
Cactus	[]	win.cactus	[]	2025-11-09
Cicada3301	[]	win.cicada3301	[]	2025-11-09
Clop	[]	win.clop	['TA505']	2025-11-09
RansomHub	[]	win.ransomhub	['RansomHub']	2025-11-09
PLAY	['PlayCrypt']	win.play	[]	2025-11-09
LockBit	['ABCD Ransomware']	win.lockbit	[]	2025-11-09
Royal Ransom	[]	win.royal_ransom	[]	2025-11-09
Silence	['TrueBot']	win.silence	['Silence group', 'TA505']	2025-11-09
Aisuru	[]	elf.aisuru	[]	2025-11-08
Lumma Stealer	['LummaC2 Stealer']	win.lumma	['Angry Likho']	2025-11-05
VShell	[]	win.vshell	[]	2025-11-05
Agent Tesla	['AgenTesla', 'AgentTesla', 'Negasteal']	win.agent_tesla	['SWEED']	2025-11-05
Dante	[]	win.dante	[]	2025-11-05
Aura Stealer	['AURA Stealer', 'AURASTEAL']	win.aurastealer	[]	2025-09-16
Broomstick	['CLEANBOOST', 'CleanUp', 'CleanUpLoader', 'Oyster']	win.broomstick	[]	2025-11-03
BQTlock	[]	elf.bqtlock	[]	2025-11-05
PolarEdge	[]	elf.polaredge	[]	2025-11-05
MetaStealer	[]	win.metastealer	['UNC5537']	2025-11-05
XWorm	[]	win.xworm	['Hive0137']	2025-11-03
LinkPro	[]	elf.linkpro	[]	2025-11-03
JADESNOW	['ChainedDown']	js.jadesnow	[]	2025-11-03
Latrodectus	['BLACKWIDOW', 'IceNova', 'Latrodectus', 'Lotus']	win.latrodectus	[]	2025-10-28
Kamasers	[]	win.kamasers	[]	2025-10-31
PostNapTea	['SIGNBT']	win.postnaptea	['Lazarus Group']	2025-10-31
wAgentTea	['wAgent']	win.wagenttea	['Lazarus Group']	2025-10-31
Bankshot	['COPPERHEDGE', 'FoggyBrass']	win.bankshot	['Lazarus Group']	2025-10-31
EntryShell	[]	win.entryshell	[]	2025-10-29
SparrowDoor	[]	win.sparrow_door	['GhostEmperor']	2025-10-29
ShadowPad	['POISONPLUG.SHADOW', 'XShellGhost']	win.shadowpad	['APT23', 'APT41', 'APT17', 'DAGGER PANDA', 'Earth Lusca', 'Tonto Team', 'WET PANDA']	2025-10-29
DracuLoader	[]	win.dracu_loader	['Earth Estries']	2025-10-29
SNAPPYBEE	['Deed RAT', 'POISONPLUG.DEED']	win.snappybee	['Earth Estries']	2025-10-29
BUSHWALK	[]	elf.bushwalk	[]	2025-10-28
PITFUEL	[]	elf.pitfuel	[]	2025-10-28
PITSOCK	[]	elf.pitsock	[]	2025-10-28
PITHOOK	[]	elf.pithook	[]	2025-10-28
PulsarTea	[]	win.pulsartea	['Lazarus Group']	2025-10-28
Kubo Injector	[]	elf.kubo_injector	[]	2025-10-28
PylangGhost	[]	py.pylangghost	['WageMole']	2025-10-20
LockBit	[]	elf.lockbit	[]	2025-10-22
Princess	[]	apk.princess	[]	2025-10-24
QuanPinLoader	[]	win.quan_pin_loader	['Lazarus Group']	2025-10-24
BlindEDR	[]	win.blind_edr	[]	2025-10-23
ValleyRAT	['Winos']	win.valley_rat	[]	2025-10-23
RedLine Stealer	['RECORDSTEALER']	win.redline_stealer	[]	2025-10-23
Formbook	['win.xloader']	win.formbook	['SWEED', 'Cobalt']	2025-10-23
NOROBOT	['BAITSWITCH']	win.norobot	['Callisto']	2025-10-22
MedusaLocker	['AKO Ransomware', 'AKO Doxware', 'MedusaReborn']	win.medusalocker	[]	2025-10-22
GlassWorm	[]	js.glassworm	[]	2025-10-21