| | | PLAY | ['PlayCrypt'] | win.play | [] | 2026-01-12 | | | |
| | | WhiteRabbit | [] | elf.whiterabbit | [] | 2026-01-12 | | | |
| | | BlackCat | ['ALPHV', 'Noberus'] | win.blackcat | ['Alpha Spider', 'RansomHub', 'Vanilla Tempest'] | 2026-01-12 | | | |
| | | Clop | ['Cl0p'] | elf.clop | [] | 2026-01-12 | | | |
| | | Royal Ransom | [] | win.royal_ransom | [] | 2026-01-12 | | | |
| | | MedusaHTTP | [] | win.medusa_http | [] | 2026-01-12 | | | |
| | | Archer RAT | ['RustyWater'] | win.archer_rat | [] | 2026-01-12 | | | |
| | | RushDrop | ['ChronosRAT'] | elf.rush_drop | [] | 2026-01-09 | | | |
| | | SilentRaid | ['MystRodX'] | elf.silent_raid | [] | 2026-01-09 | | | |
| | | DriveSwitch | [] | elf.drive_switch | [] | 2026-01-09 | | | |
| | | CrazyHunter | [] | win.crazyhunter | [] | 2026-01-09 | | | |
| | | MaskGramStealer | [] | win.maskgramstealer | [] | 2026-01-05 | | | |
| | | pcTattletale | [] | apk.pctattletale | [] | 2026-01-08 | | | |
| | | Pulsar RAT | [] | win.pulsar_rat | [] | 2026-01-06 | | | |
| | | PostNapTea | ['SIGNBT'] | win.postnaptea | ['Lazarus Group'] | 2025-10-31 | | | |
| | | Poweliks | [] | win.poweliks | [] | 2020-04-23 | | | |
| | | PowerDuke | [] | win.powerduke | ['APT 29'] | 2023-07-28 | | | |
| | | PowerLoader | [] | win.powerloader | [] | 2020-07-15 | | | |
| | | PowerPool | [] | win.powerpool | [] | 2018-09-07 | | | |
| | | PowerShellRunner | [] | win.powershellrunner | ['Turla'] | 2019-05-30 | | | |
| | | Powersniff | ['PUNCHBUGGY'] | win.powersniff | [] | 2020-06-03 | | | |
| | | Predator The Thief | [] | win.predator | [] | 2021-04-12 | | | |
| | | Prestige | [] | win.prestige | [] | 2023-05-25 | | | |
| | | Prikormka | [] | win.prikormka | ['Groundbait'] | 2023-06-01 | | | |
| | | Prilex | [] | win.prilex | [] | 2018-03-16 | | | |
| | | PrivateLoader | [] | win.privateloader | [] | 2025-01-07 | | | |
| | | ProjectWood | [] | win.project_wood | [] | 2024-02-02 | | | |
| | | Prometei | [] | win.prometei | [] | 2024-10-24 | | | |
| | | Proto8RAT | [] | win.proto8_rat | [] | 2022-08-26 | | | |
| | | ProtonBot | [] | win.protonbot | [] | 2021-10-24 | | | |
| | | PseudoManuscrypt | [] | win.pseudo_manuscrypt | [] | 2025-09-25 | | | |
| | | PSLogger | ['ECCENTRICBANDWAGON'] | win.pslogger | ['Lazarus Group'] | 2022-11-21 | | | |
| | | PC Surveillance System | ['PSS'] | win.pss | [] | 2018-02-07 | | | |
| | | Pteranodon | ['Pterodo'] | win.pteranodon | ['Gamaredon Group', 'Operation Armageddon'] | 2025-11-26 | | | |
| | | Pterois | [] | win.pterois | ['Swan Vector'] | 2025-11-13 | | | |
| | | PUBLOAD | ['ClaimLoader', 'PUBLOAD'] | win.pubload | [] | 2025-09-23 | | | |
| | | PulsarTea | [] | win.pulsartea | ['Lazarus Group'] | 2025-10-28 | | | |
| | | Punkey POS | ['poscardstealer', 'pospunk', 'punkeypos'] | win.punkey_pos | [] | 2023-02-21 | | | |
| | | PureLocker | [] | win.purelocker | [] | 2019-11-20 | | | |
| | | PurpleFox | [] | win.purplefox | [] | 2024-02-02 | | | |
| | | PurpleWave | [] | win.purplewave | [] | 2022-11-15 | | | |
| | | Pushdo | [] | win.pushdo | [] | 2021-02-25 | | | |
| | | Putabmow | [] | win.putabmow | [] | 2018-07-24 | | | |
| | | puzzlemaker | [] | win.puzzlemaker | ['[Unnamed group]'] | 2021-07-20 | | | |
| | | PvzOut | [] | win.pvzout | ['Cleaver'] | 2017-05-21 | | | |
| | | PwndLocker | ['ProLock'] | win.pwndlocker | [] | 2022-01-25 | | | |
| | | pwnpos | [] | win.pwnpos | [] | 2020-10-05 | | | |
| | | Pykspa | [] | win.pykspa | [] | 2025-09-12 | | | |
| | | Qaccel | [] | win.qaccel | [] | 2018-07-24 | | | |
| | | Qadars | [] | win.qadars | [] | 2022-05-05 | | | |
| | | QakBot | ['Oakboat', 'Pinkslipbot', 'Qbot', 'Quakbot'] | win.qakbot | ['GOLD CABIN'] | 2025-03-10 | | | |
| | | QHost | ['Tolouge'] | win.qhost | [] | 2024-09-11 | | | |
| | | QtBot | ['qtproject'] | win.qtbot | [] | 2017-11-07 | | | |
| | | QuantLoader | [] | win.quantloader | ['Guru Spider'] | 2022-02-14 | | | |
| | | QuanPinLoader | [] | win.quan_pin_loader | ['Lazarus Group'] | 2025-11-21 | | | |
| | | QUARTERRIG | ['MUSKYBEAT', 'STATICNOISE'] | win.quarterrig | ['APT29'] | 2023-10-18 | | | |
| | | QuickHeal | [] | win.quickheal | [] | 2024-12-16 | | | |
| | | QUICKMUTE | [] | win.quickmute | ['Tonto Team'] | 2022-07-13 | | | |
| | | QuirkyLoader | [] | win.quirkyloader | [] | 2025-08-22 | | | |
| | | QuiteRAT | ['Acres'] | win.quiterat | ['Silent Chollima'] | 2023-08-28 | | | |
| | | r77 | ['r77 Rootkit'] | win.r77 | [] | 2025-03-21 | | | |
| | | r980 | [] | win.r980 | [] | 2017-02-15 | | | |
| | | Raccoon | ['Mohazo', 'RaccoonStealer', 'Racealer', 'Racoon'] | win.raccoon | [] | 2025-05-19 | | | |
| | | Racket Downloader | [] | win.racket | ['Lazarus Group'] | 2023-12-11 | | | |
| | | Rad | [] | win.rad | [] | 2021-10-24 | | | |
| | | Radamant | [] | win.radamant | [] | 2017-02-15 | | | |
| | | RadRAT | [] | win.radrat | [] | 2018-04-23 | | | |
| | | RagnarLocker | [] | win.ragnarlocker | [] | 2024-03-18 | | | |
| | | Ragnarok | [] | win.ragnarok | [] | 2024-11-29 | | | |
| | | RAILSETTER | [] | win.railsetter | [] | 2025-11-13 | | | |
| | | RALord | [] | win.ralord | [] | 2025-12-15 | | | |
| | | Rambo | ['brebsd'] | win.rambo | ['DragonOK'] | 2022-09-19 | | | |
| | | Ramdo | [] | win.ramdo | [] | 2016-04-20 | | | |
| | | Ramnit | ['Nimnul'] | win.ramnit | [] | 2023-11-14 | | | |
| | | Ramsay | [] | win.ramsay | ['DarkHotel'] | 2022-12-01 | | | |
| | | Ranbyus | [] | win.ranbyus | [] | 2024-02-13 | | | |
| | | Ransoc | [] | win.ransoc | [] | 2016-12-28 | | | |
| | | RansomEXX | ['Ransom X', 'Defray777'] | win.ransomexx | ['GOLD DUPONT'] | 2025-04-25 | | | |
| | | Ransomlock | ['WinLock'] | win.ransomlock | [] | 2018-01-02 | | | |
| | | Rapid Ransom | [] | win.rapid_ransom | [] | 2022-11-15 | | | |
| | | Rarog | [] | win.rarog | [] | 2019-01-06 | | | |
| | | rarstar | [] | win.rarstar | ['Tick'] | 2022-11-15 | | | |
| | | Ratankba | ['QUICKRIDE'] | win.ratankba | ['Lazarus Group'] | 2023-08-13 | | | |
| | | RatankbaPOS | ['RATANKBAPOS'] | win.ratankbapos | ['Lazarus Group'] | 2023-08-14 | | | |
| | | RATel | [] | win.ratel | [] | 2023-08-25 | | | |
| | | Raven Stealer | [] | win.ravenstealer | [] | 2025-09-17 | | | |
| | | RAWDOOR | [] | win.rawdoor | ['APT31'] | 2025-02-28 | | | |
| | | RawPOS | [] | win.rawpos | [] | 2020-04-17 | | | |
| | | RC2FM | [] | win.rc2fm | [] | 2022-08-25 | | | |
| | | RCS | ['Remote Control System', 'Crisis'] | win.rcs | ['Hacking Team', 'APT-C-34'] | 2024-11-25 | | | |
| | | RCtrl | [] | win.rctrl | ['APT 30'] | 2020-06-20 | | | |
| | | RDAT | ['GREYSTUFF'] | win.rdat | ['OilRig'] | 2025-06-16 | | | |
| | | ReactorBot | [] | win.reactorbot | [] | 2017-06-07 | | | |
| | | Reaver | [] | win.reaver | [] | 2019-05-17 | | | |
| | | RecordBreaker | [] | win.recordbreaker | [] | 2025-02-28 | | | |
| | | RedAlpha | [] | win.redalpha | [] | 2018-07-06 | | | |
| | | RedCurl | [] | win.redcurl | [] | 2024-02-16 | | | |
| | | RedLeaves | ['BUGJUICE'] | win.redleaves | ['Stone Panda'] | 2022-06-22 | | | |
| | | REDPEPPER | ['Adupib'] | win.redpepper | ['PLATINUM'] | 2020-01-01 | | | |
| | | REDSALT | ['Dipsind'] | win.redsalt | ['PLATINUM'] | 2020-01-20 | | | |