| | | Remcos | ['RemcosRAT', 'Remvio', 'Socmer'] | win.remcos | ['APT33', 'The Gorgon Group', 'UAC-0050'] | 2024-05-08 | | | |
| | | RokRAT | ['DOGCALL'] | win.rokrat | ['APT37'] | 2024-05-08 | | | |
| | | Nanocore RAT | ['Nancrat', 'NanoCore'] | win.nanocore | ['APT33', 'The Gorgon Group'] | 2024-05-07 | | | |
| | | MedusaLocker | ['AKO Ransomware', 'AKO Doxware', 'MedusaReborn'] | win.medusalocker | [] | 2024-05-07 | | | |
| | | Ryuk | [] | win.ryuk | ['FIN6', 'GRIM SPIDER', 'UNC1878', 'WIZARD SPIDER'] | 2024-05-07 | | | |
| | | ACR Stealer | [] | win.acr_stealer | [] | 2024-05-06 | | | |
| | | Formbook | ['win.xloader'] | win.formbook | ['SWEED', 'Cobalt'] | 2024-05-06 | | | |
| | | Kapeka | [] | win.kapeka | ['Sandworm'] | 2024-05-06 | | | |
| | | SSLoad | [] | win.ssload | ['TA578'] | 2024-05-06 | | | |
| | | solarmarker | ['Jupyter', 'Polazert', 'Yellow Cockatoo'] | win.solarmarker | [] | 2024-01-18 | | | |
| | | ZingoStealer | ['Ginzo'] | win.zingo_stealer | [] | 2024-05-06 | | | |
| | | Ginzo Stealer | [] | win.ginzo | [] | 2024-05-06 | | | |
| | | SmartLoader | [] | win.smartloader | [] | 2024-05-06 | | | |
| | | RedLine Stealer | ['RECORDSTEALER'] | win.redline_stealer | [] | 2024-05-06 | | | |
| | | Unidentified 111 (Latrodectus) | ['BLACKWIDOW', 'IceNova', 'Latrodectus', 'Lotus'] | win.unidentified_111 | [] | 2024-05-06 | | | |
| | | WIREFIRE | ['GIFTEDVISITOR'] | py.wirefire | [] | 2024-05-06 | | | |
| | | AcidPour | [] | elf.acidpour | [] | 2024-05-06 | | | |
| | | AcidRain | [] | elf.acidrain | [] | 2024-05-06 | | | |
| | | SSHDoor | [] | elf.sshdoor | [] | 2024-05-02 | | | |
| | | Zloader | ['DELoader', 'SILENTNIGHT', 'Terdot'] | win.zloader | [] | 2024-05-02 | | | |
| | | Vshell | [] | win.vshell | [] | 2024-05-02 | | | |
| | | Donex | [] | win.donex | [] | 2024-04-29 | | | |
| | | LIGHTRAIL | [] | win.lightrail | [] | 2024-04-29 | | | |
| | | MINIBIKE | [] | win.minibike | [] | 2024-04-29 | | | |
| | | Lechiket | [] | win.lechiket | [] | 2024-04-29 | | | |
| | | MINIBUS | [] | win.minibus | [] | 2024-04-29 | | | |
| | | IcedID | ['BokBot', 'IceID'] | win.icedid | ['GOLD CABIN', 'Lunar Spider'] | 2024-04-29 | | | |
| | | Mount Locker | ['DagonLocker', 'MountLocker', 'QuantumLocker'] | win.mount_locker | [] | 2024-04-29 | | | |
| | | QakBot | ['Oakboat', 'Pinkslipbot', 'Qbot', 'Quakbot'] | win.qakbot | ['GOLD CABIN'] | 2024-04-29 | | | |
| | | AsyncRAT | [] | win.asyncrat | [] | 2024-04-29 | | | |
| | | NjRAT | ['Bladabindi', 'Lime-Worm'] | win.njrat | ['AQUATIC PANDA', 'Earth Lusca', 'Operation C-Major', 'The Gorgon Group'] | 2024-04-29 | | | |
| | | Pikabot | [] | win.pikabot | [] | 2024-04-10 | | | |
| | | FakeDefend | [] | apk.fakedefend | [] | 2024-04-29 | | | |
| | | Fs0ciety | [] | win.fs0ciety | [] | 2024-04-29 | | | |
| | | Nyxem | [] | win.nyxem | [] | 2024-04-29 | | | |
| | | Phoenix | [] | apk.phoenix | [] | 2024-04-29 | | | |
| | | Scano | [] | win.scano | [] | 2024-04-29 | | | |
| | | Warezov | ['Stration', 'Opnis'] | win.warezov | [] | 2024-04-29 | | | |
| | | Cobalt Strike | ['Agentemis', 'BEACON', 'CobaltStrike', 'cobeacon'] | win.cobalt_strike | ['APT 29', 'APT32', 'APT41', 'AQUATIC PANDA', 'Anunak', 'Cobalt', 'Codoso', 'CopyKittens', 'DarkHydrus', 'FIN6', 'FIN7', 'Leviathan', 'Mustang Panda', 'Shell Crew', 'Stone Panda', 'TianWu', 'UNC1878', 'UNC2452', 'Winnti Umbrella'] | 2024-04-29 | | | |
| | | BloodAlchemy | [] | win.bloodalchemy | [] | 2024-04-26 | | | |
| | | Rhadamanthys | [] | win.rhadamanthys | ['Sandworm'] | 2024-04-11 | | | |
| | | Venom RAT | [] | win.venom | [] | 2024-04-23 | | | |
| | | DCRat | ['DarkCrystal RAT'] | win.dcrat | [] | 2024-04-23 | | | |
| | | XWorm | [] | win.xworm | [] | 2024-04-23 | | | |
| | | CloudEyE | ['GuLoader', 'vbdropper'] | win.cloudeye | [] | 2024-04-23 | | | |
| | | 404 Keylogger | ['404KeyLogger', 'Snake Keylogger'] | win.404keylogger | [] | 2024-04-23 | | | |
| | | Agent Tesla | ['AgenTesla', 'AgentTesla', 'Negasteal'] | win.agent_tesla | ['SWEED'] | 2024-04-23 | | | |
| | | LokiBot | [] | apk.lokibot | [] | 2024-04-23 | | | |
| | | Broomstick | ['CleanUpLoader', 'Oyster'] | win.broomstick | [] | 2024-03-04 | | | |
| | | KrBanker | ['BlackMoon'] | win.krbanker | [] | 2024-04-23 | | | |
| | | JSOutProx | [] | win.jsoutprox | ['SOLAR SPIDER'] | 2024-04-08 | | | |
| | | Alureon | ['Olmarik', 'Pihar', 'TDL', 'TDSS', 'wowlik'] | win.alureon | [] | 2024-04-23 | | | |
| | | SpyNote | ['CypherRat'] | apk.spynote | ['OilRig'] | 2024-04-23 | | | |
| | | CryptoClippy | [] | win.cryptoclippy | [] | 2024-04-23 | | | |
| | | Chaos | ['FakeRyuk', 'RyukJoke', 'Yashma'] | win.chaos | [] | 2024-04-23 | | | |
| | | RAWDOOR | [] | win.rawdoor | ['APT31'] | 2024-04-17 | | | |
| | | RoarBAT | [] | win.roar_bat | ['Sandworm'] | 2024-04-23 | | | |
| | | BlackEnergy | [] | win.blackenergy | ['Sandworm'] | 2024-04-23 | | | |
| | | HermeticWiper | ['DriveSlayer', 'FoxBlade', 'KillDisk.NCV', 'NEARMISS'] | win.hermeticwiper | [] | 2024-04-23 | | | |
| | | INDUSTROYER2 | [] | win.industroyer2 | ['Sandworm'] | 2024-04-23 | | | |
| | | PartyTicket | ['Elections GoRansom', 'HermeticRansom', 'SonicVote'] | win.partyticket | [] | 2024-04-23 | | | |
| | | VPNFilter | [] | elf.vpnfilter | [] | 2024-04-23 | | | |
| | | Olympic Destroyer | ['SOURGRAPE'] | win.olympic_destroyer | [] | 2024-04-23 | | | |
| | | CaddyWiper | ['KillDisk.NCX'] | win.caddywiper | ['APT28'] | 2024-04-23 | | | |
| | | EternalPetya | ['ExPetr', 'Pnyetya', 'Petna', 'NotPetya', 'Nyetya', 'NonPetya', 'nPetya', 'Diskcoder.C', 'BadRabbit'] | win.eternal_petya | ['TeleBots', 'Sandworm'] | 2024-04-23 | | | |
| | | Industroyer | ['Crash', 'CrashOverride'] | win.industroyer | ['ELECTRUM'] | 2024-04-23 | | | |
| | | MgBot | ['BLame', 'MgmBot'] | win.mgbot | [] | 2024-04-23 | | | |
| | | PlugX | ['Destroy RAT', 'Kaba', 'Korplug', 'Sogu', 'TIGERPLUG', 'RedDelta'] | win.plugx | ['APT 22', 'APT 26', 'APT31', 'APT41', 'Aurora Panda', 'Calypso group', 'DragonOK', 'EMISSARY PANDA', 'Hellsing', 'Hurricane Panda', 'Leviathan', 'Mirage', 'Mustang Panda', 'NetTraveler', 'Nightshade Panda', 'SLIME29', 'Samurai Panda', 'Stone Panda', 'UPS', 'Violin Panda'] | 2024-04-19 | | | |
| | | CHINACHOPPER | [] | win.chinachopper | ['APT41', 'EMISSARY PANDA', 'GALLIUM', 'HAFNIUM', 'Hurricane Panda', 'Leviathan'] | 2024-04-19 | | | |
| | | TinyTurlaNG | ['TTNG'] | win.tinyturla_ng | ['Turla'] | 2024-04-19 | | | |
| | | SoumniBot | [] | apk.soumnibot | [] | 2024-04-19 | | | |
| | | Vultur | ['Vulture'] | apk.vultur | [] | 2024-04-15 | | | |
| | | Epsilon Stealer | [] | win.epsilon_stealer | [] | 2024-04-15 | | | |
| | | Nova Stealer | ['Malicord'] | win.nova | [] | 2024-04-11 | | | |
| | | Amadey | [] | win.amadey | [] | 2024-02-05 | | | |
| | | xzbot | ['xzorcist'] | sh.xzbot | [] | 2024-04-15 | | | |
| | | Vidar | [] | win.vidar | [] | 2024-04-15 | | | |
| | | Quasar RAT | ['CinaRAT', 'QuasarRAT', 'Yggdrasil'] | win.quasar_rat | ['APT33', 'Dropping Elephant', 'Stone Panda', 'The Gorgon Group'] | 2024-04-15 | | | |
| | | SystemBC | ['Coroxy', 'DroxiDat'] | win.systembc | [] | 2024-01-22 | | | |
| | | LaZagne | [] | py.lazagne | [] | 2024-04-15 | | | |
| | | Drokbk | [] | win.drokbk | ['APT35'] | 2024-04-15 | | | |
| | | PureLogs Stealer | [] | win.purelogs | [] | 2024-04-15 | | | |
| | | Glupteba | [] | win.glupteba | [] | 2024-04-15 | | | |
| | | Dridex | [] | win.dridex | ['Evil Corp', 'INDRIK SPIDER', 'TA505'] | 2024-04-15 | | | |
| | | Simda | ['iBank'] | win.simda | [] | 2024-04-15 | | | |
| | | Emotet | ['Geodo', 'Heodo'] | win.emotet | ['GOLD CABIN', 'MUMMY SPIDER', 'Mealybug'] | 2024-04-15 | | | |
| | | UPSTYLE | [] | py.upstyle | [] | 2024-04-15 | | | |
| | | Conti | [] | win.conti | [] | 2024-04-15 | | | |
| | | Decoy Dog RAT | [] | elf.decoy_dog | [] | 2024-04-15 | | | |
| | | XploitSPY | [] | apk.xploitspy | [] | 2024-04-11 | | | |
| | | No-Justice | [] | win.no_justice | [] | 2024-04-11 | | | |
| | | LockBit | [] | elf.lockbit | [] | 2024-04-11 | | | |
| | | LockBit | [] | osx.lockbit | [] | 2024-04-11 | | | |
| | | LockBit | ['ABCD Ransomware'] | win.lockbit | [] | 2024-04-11 | | | |
| | | RandomQuery | [] | ps1.randomquery | ['Kimsuky'] | 2024-04-11 | | | |
| | | Linodas | ['XDealer', 'DinodasRAT'] | elf.linodas | [] | 2024-04-11 | | | |
| | | AdamLocker | [] | win.adam_locker | [] | 2018-01-04 | | | |
| | | AthenaGo RAT | [] | win.athenago | [] | 2017-02-13 | | | |
| | | Abbath Banker | [] | win.abbath_banker | [] | 2016-12-28 | | | |
| | | Alma Communicator | [] | win.alma_communicator | ['OilRig'] | 2019-04-18 | | | |