Malware Families

Enter keywords to filter the families below

Common Name	Alternative Names	Name	Actors	Last Updated
wAgentTea	['wAgent']	win.wagenttea	['Lazarus Group']	2025-07-29
Scavenger	['scavenger', 'SCVNGR', 'scvngr']	win.scavenger	[]	2025-07-29
WEEVILPROXY	['JSCEAL']	js.weevilproxy	[]	2025-08-15
CASTLELOADER	[]	win.castleloader	[]	2025-07-28
Epsilon Red	['BlackCocaine']	win.epsilon_red	[]	2025-07-28
OceanLotus	[]	osx.oceanlotus	['APT32']	2025-07-28
PlugX	['Destroy RAT', 'Kaba', 'Korplug', 'Sogu', 'TIGERPLUG', 'RedDelta']	win.plugx	['APT 22', 'APT 26', 'APT31', 'APT41', 'Aurora Panda', 'Calypso group', 'DragonOK', 'EMISSARY PANDA', 'Hellsing', 'Hurricane Panda', 'Leviathan', 'Mirage', 'Mustang Panda', 'NetTraveler', 'Nightshade Panda', 'SLIME29', 'Samurai Panda', 'Stone Panda', 'UPS', 'Violin Panda']	2025-07-28
Remo	['PlayPraetor']	apk.remo	[]	2025-07-28
Coper	['ExobotCompact', 'Octo']	apk.coper	[]	2025-07-28
SpyMax	[]	apk.spymax	[]	2025-07-28
BlackSuit	[]	win.blacksuit	[]	2025-07-28
Chaos	['FakeRyuk', 'RyukJoke', 'Yashma']	win.chaos	[]	2025-07-28
BlackSuit	[]	elf.blacksuit	[]	2025-07-28
Royal Ransom	['Royal_unix', 'Royal']	elf.royal_ransom	[]	2025-07-28
Royal Ransom	[]	win.royal_ransom	[]	2025-07-28
Mount Locker	['DagonLocker', 'MountLocker', 'QuantumLocker']	win.mount_locker	['Vanilla Tempest']	2025-07-28
Unidentified 123 (Go Infostealer)	['Go Infostealer']	win.unidentified_123	[]	2025-07-25
StarFish	[]	js.starfish	[]	2025-07-25
KV	[]	sh.kv	['Volt Typhoon']	2025-07-24
DEVMAN	[]	win.devman	['DragonForce', '[Unnamed group]']	2025-09-08
Pearl Stealer	[]	osx.pearl_stealer	[]	2025-07-24
Dosia	['DDOSIA']	win.dosia	['NoName057(16)']	2025-07-24
RunForestRun	['Blackhole', 'Sutra']	js.runforestrun	[]	2025-07-24
GootKit	['Waldek', 'Xswkit', 'talalpek']	win.gootkit	[]	2025-07-24
Lyposit	['Lucky Locker', 'Adneukine', 'Bomba Locker']	win.lyposit	[]	2025-07-24
Matsnu	[]	win.matsnu	[]	2025-07-24
Reveton	[]	win.reveton	[]	2025-07-24
UPAS	['Rombrast']	win.upas	[]	2025-07-24
Urausy	[]	win.urausy	[]	2025-07-24
Sinowal	['Theola', 'Quarian', 'Mebroot', 'Anserin', 'Torpig']	win.sinowal	[]	2025-07-24
Andromeda	['Gamarue', 'B106-Gamarue', 'B67-SS-Gamarue', 'b66']	win.andromeda	['Operation C-Major']	2025-07-24
Citadel	[]	win.citadel	[]	2025-07-24
Cobalt Strike	['Agentemis', 'BEACON', 'CobaltStrike', 'cobeacon']	win.cobalt_strike	['APT 29', 'APT29', 'APT32', 'APT41', 'AQUATIC PANDA', 'Anunak', 'Cobalt', 'Codoso', 'CopyKittens', 'DarkHydrus', 'Earth Baxia', 'FIN6', 'FIN7', 'Leviathan', 'Mustang Panda', 'Shell Crew', 'Stone Panda', 'TianWu', 'UNC1878', 'UNC2452', 'Winnti Umbrella']	2025-07-23
MimiKatz	[]	win.mimikatz	['APT32', 'Anunak', 'GALLIUM']	2025-07-23
ASPXSpy	[]	php.aspxspy	['APT39', 'APT41', 'HAFNIUM']	2025-07-22
TwoFace	['Minion', 'HighShell', 'HyperShell', 'SEASHARPEE']	asp.twoface	['APT27', 'APT34', 'OilRig', 'Turla', 'UNC215']	2025-07-22
SharPyShell	['ASPSHELL']	win.sharpyshell	['APT41']	2025-07-22
ColdLock	[]	win.coldlock	['APT41']	2025-07-21
LAMEHUG	[]	py.lamehug	['APT28']	2025-07-21
Crocodilus	[]	apk.crocodilus	[]	2025-07-21
8Base	[]	win.8base	[]	2025-07-21
Phobos	[]	win.phobos	[]	2025-07-21
Voldemort	[]	win.voldemort	[]	2025-07-17
WhisperGate	['PAYWIPE']	win.whispergate	[]	2025-07-21
Scranos	[]	win.scranos	[]	2025-07-21
Stresspaint	[]	win.stresspaint	[]	2025-07-21
FrostyFerret	[]	osx.frostyferret	['WageMole']	2025-04-27
STRRAT	[]	jar.strrat	[]	2025-07-17
Koi Loader	[]	win.koiloader	[]	2025-05-20
Koi Stealer	[]	win.koistealer	[]	2024-12-09
SilentGh0st	[]	win.silentgh0st	[]	2025-07-15
CloudEyE	['GuLoader', 'vbdropper']	win.cloudeye	[]	2025-07-14
Feodo	['Cridex', 'Bugat']	win.feodo	[]	2025-07-14
BellaCiao	[]	win.bellaciao	[]	2025-07-14
Mispadu	['URSA']	win.mispadu	[]	2025-07-14
HATVIBE	[]	vbs.hatvibe	['UAC-0063']	2025-07-11
DownEx	[]	win.downex	['UAC-0063']	2025-07-11
PXA Stealer	['PXAStealer', 'PXA']	py.pxa_stealer	[]	2025-07-09
BADBOX	[]	apk.badbox	[]	2025-07-08
Amatera	[]	win.amatera	[]	2025-07-08
reGeorg	[]	win.regeorg	[]	2025-07-08
HTran	['HUC Packet Transmit Tool', 'lcx']	win.htran	['GALLIUM', 'UPS']	2025-07-08
iox	[]	win.iox	[]	2025-07-08
POORTRY	[]	win.poortry	[]	2025-07-07
PowerNet	[]	ps1.powernet	['FIN7']	2025-07-07
RevC2	[]	win.revc2	[]	2025-07-07
Phemedrone Stealer	['Ov3r_Stealer']	win.phemedrone_stealer	[]	2025-07-07
JanelaRAT	[]	win.janela_rat	[]	2025-07-07
GOREVERSE	[]	elf.goreverse	['UNC5174']	2025-07-07
SNOWLIGHT	[]	elf.snowlight	['UNC5174']	2025-07-07
AMOS	['Atomic macOS Stealer']	osx.amos	[]	2025-07-07
JenX	[]	elf.jenx	[]	2025-07-02
SideWalk	[]	elf.sidewalk	[]	2025-07-02
GOREshell	[]	elf.goreshell	[]	2025-07-02
DarkGate	['Meh', 'MehCrypter']	win.darkgate	[]	2025-07-01
EvilConwi	[]	win.evilconwi	[]	2025-06-30
HexaLocker	[]	win.hexalocker	[]	2025-06-30
Skuld	['TMPN']	win.skuld	[]	2025-06-30
SpyNote	['CypherRat']	apk.spynote	['OilRig']	2025-06-30
GIFTEDCROOK	[]	win.giftedcrook	['UAC-0226']	2025-06-27
Skynet	[]	win.skynet	[]	2025-06-26
ACR Stealer	[]	win.acr_stealer	[]	2025-06-26
Formbook	['win.xloader']	win.formbook	['SWEED', 'Cobalt']	2025-06-25
RedLine Stealer	['RECORDSTEALER']	win.redline_stealer	[]	2025-06-25
BEARDSHELL	[]	win.beardshell	['APT28']	2025-06-25
SLIMAGENT	[]	win.slimagent	['APT28']	2025-06-25
MASS Logger	[]	win.masslogger	[]	2025-06-25
Xloader	['Formbook']	osx.xloader	[]	2025-06-25
Brute Ratel C4	['BOLDBADGER', 'BruteRatel']	win.brute_ratel_c4	[]	2025-06-24
Sliver	[]	win.sliver	[]	2025-06-24
Meduza Stealer	[]	win.meduza	[]	2025-06-24
Fog	[]	win.fog	[]	2025-06-24
Meterpreter	[]	win.meterpreter	[]	2025-06-24
JuicyPotato	[]	win.juicy_potato	[]	2025-06-24
LaZagne	[]	py.lazagne	[]	2025-06-24
ShortLeash	[]	elf.shortleash	[]	2025-06-24
ShortLeash	[]	win.shortleash	[]	2025-06-24
Flodrix	[]	elf.flodrix	[]	2025-06-23
Sorillus RAT	[]	jar.sorillus	[]	2025-06-23
XDSpy	[]	win.xdspy	[]	2025-06-23