| | | Arik Keylogger | ['Aaron Keylogger'] | win.arik_keylogger | [] | 2018-02-07 | | | |
| | | AgfSpy | [] | win.agfspy | [] | 2020-11-09 | | | |
| | | Antilam | ['Latinus'] | win.antilam | [] | 2018-07-24 | | | |
| | | Project Alice | ['PrAlice', 'AliceATM'] | win.alice_atm | [] | 2020-02-27 | | | |
| | | Alphabet Ransomware | [] | win.alphabet_ransomware | [] | 2022-11-12 | | | |
| | | Anatova Ransomware | [] | win.anatova_ransom | [] | 2019-05-09 | | | |
| | | AdamLocker | [] | win.adam_locker | [] | 2018-01-04 | | | |
| | | Artra Downloader | [] | win.artra | [] | 2022-07-13 | | | |
| | | HOTCROISSANT | [] | win.hotcroissant | ['Lazarus Group'] | 2020-04-17 | | | |
| | | AthenaGo RAT | [] | win.athenago | [] | 2017-02-13 | | | |
| | | ARTFULPIE | [] | win.artfulpie | ['Lazarus Group'] | 2020-02-27 | | | |
| | | Acronym | [] | win.acronym | [] | 2017-04-06 | | | |
| | | abantes | [] | win.abantes | [] | 2018-10-18 | | | |
| | | ShadowPad | ['POISONPLUG.SHADOW', 'XShellGhost'] | win.shadowpad | ['APT23', 'APT41', 'APT17', 'DAGGER PANDA', 'Earth Lusca', 'Tonto Team', 'WET PANDA'] | 2024-04-11 | | | |
| | | Reshell | [] | win.reshell | ['GALLIUM'] | 2024-04-11 | | | |
| | | DinodasRAT | ['XDealer'] | win.dinodas_rat | [] | 2024-04-11 | | | |
| | | RemCom | ['RemoteCommandExecution'] | win.remcom | [] | 2024-04-11 | | | |
| | | MimiKatz | [] | win.mimikatz | ['APT32', 'Anunak', 'GALLIUM'] | 2024-04-11 | | | |
| | | TONESHELL | [] | win.toneshell | ['MUSTANG PANDA'] | 2024-04-11 | | | |
| | | Winnti | ['BleDoor', 'JUMPALL', 'RbDoor', 'Pasteboy'] | win.winnti | ['APT17'] | 2024-04-11 | | | |
| | | HyperBro | [] | win.hyperbro | ['EMISSARY PANDA'] | 2024-04-11 | | | |
| | | Derusbi | ['PHOTO'] | win.derusbi | ['APT41', 'APT17', 'Leviathan', 'Stone Panda'] | 2024-04-11 | | | |
| | | Poison Ivy | ['SPIVY', 'pivy', 'poisonivy'] | win.poison_ivy | ['GALLIUM', 'Molerats', 'Mustang Panda', 'Nightshade Panda', 'Pirate Panda', 'Stone Panda', 'TA428', 'Temper Panda'] | 2024-04-11 | | | |
| | | Matanbuchus | [] | win.matanbuchus | [] | 2024-04-10 | | | |
| | | Bashlite | ['gayfgt', 'Gafgyt', 'qbot', 'torlus', 'lizkebab'] | elf.bashlite | [] | 2024-04-10 | | | |
| | | CryptNET | [] | win.cryptnet | [] | 2024-04-10 | | | |
| | | SideWinder | [] | win.sidewinder | ['RAZOR TIGER'] | 2024-04-10 | | | |
| | | AndroxGh0st | ['AndroxGhost', 'Androx'] | py.androxgh0st | ['Xcatze'] | 2024-04-10 | | | |
| | | DBatLoader | ['ModiLoader', 'NatsoLoader'] | win.dbatloader | [] | 2024-04-10 | | | |
| | | Ave Maria | ['AVE_MARIA', 'AveMariaRAT', 'Warzone RAT', 'WarzoneRAT', 'avemaria'] | win.ave_maria | ['Anunak'] | 2024-04-10 | | | |
| | | Carbanak | ['Anunak', 'Sekur RAT'] | win.carbanak | ['FIN7'] | 2023-12-27 | | | |
| | | POWERTRASH | [] | ps1.powertrash | ['FIN7'] | 2023-12-12 | | | |
| | | Sliver | [] | win.sliver | [] | 2024-02-22 | | | |
| | | GhostSocks | [] | win.ghostsocks | [] | 2024-04-08 | | | |
| | | Raspberry Robin | ['RaspberryRobin', 'QNAP-Worm', 'LINK_MSIEXEC'] | win.raspberry_robin | [] | 2024-04-08 | | | |
| | | MuddyC2Go | [] | win.muddyc2go | ['MuddyWater'] | 2024-04-08 | | | |
| | | Creal Stealer | [] | py.creal_stealer | [] | 2024-04-04 | | | |
| | | Nokoyawa Ransomware | [] | win.nokoyawa | [] | 2024-04-03 | | | |
| | | PhotoLoader | ['GZIPLOADER'] | win.photoloader | [] | 2024-04-03 | | | |
| | | BlankGrabber | [] | py.blankgrabber | [] | 2024-04-03 | | | |
| | | Shurk Steal | [] | win.shurk | [] | 2024-04-03 | | | |
| | | LooCipher | [] | win.loocipher | [] | 2023-09-11 | | | |
| | | GCleaner | [] | win.gcleaner | [] | 2024-04-02 | | | |
| | | Dizzyvoid | ['Errorroot'] | win.dizzyvoid | ['Earth Lusca'] | 2024-03-25 | | | |
| | | Lumma Stealer | ['LummaC2 Stealer'] | win.lumma | [] | 2024-04-02 | | | |
| | | Gozi | ['CRM', 'Gozi CRM', 'Papras', 'Snifula', 'Ursnif'] | win.gozi | [] | 2024-04-02 | | | |
| | | Mars Stealer | [] | win.mars_stealer | [] | 2024-04-02 | | | |
| | | RisePro | [] | win.risepro | [] | 2024-04-02 | | | |
| | | Brunhilda | [] | apk.brunhilda | [] | 2024-03-28 | | | |
| | | POWERSTAR | [] | ps1.powerstar | [] | 2024-03-28 | | | |
| | | BASICSTAR | [] | vbs.basicstar | [] | 2024-03-28 | | | |
| | | MediaPI | ['Eyeglass'] | win.mediapi | ['Charming Kitten'] | 2024-03-28 | | | |
| | | HackBrowserData | [] | win.hackbrowserdata | [] | 2024-03-28 | | | |
| | | Unidentified 094 | ['ClaimLoader', 'PUBLOAD'] | win.unidentified_094 | [] | 2024-03-28 | | | |
| | | KrustyLoader | [] | elf.krustyloader | [] | 2024-03-28 | | | |
| | | TheMoon | [] | elf.themoon | [] | 2024-03-28 | | | |
| | | Coper | ['ExobotCompact', 'Octo'] | apk.coper | [] | 2024-03-28 | | | |
| | | Raccoon | ['Mohazo', 'RaccoonStealer', 'Racealer', 'Racoon'] | win.raccoon | [] | 2024-03-28 | | | |
| | | Chrysaor | ['Pegasus', 'JigglyPuff'] | apk.chrysaor | [] | 2024-03-28 | | | |
| | | CrackedCantil | [] | win.crackedcantil | [] | 2024-03-27 | | | |
| | | OCEANMAP | [] | win.oceanmap | ['APT28'] | 2024-03-27 | | | |
| | | MASEPIE | [] | py.masepie | ['APT28'] | 2024-03-27 | | | |
| | | Evil Ant | [] | py.evil_ant | [] | 2024-03-25 | | | |
| | | NetSupportManager RAT | ['NetSupport'] | win.netsupportmanager_rat | [] | 2024-03-25 | | | |
| | | Phobos | [] | win.phobos | [] | 2024-03-25 | | | |
| | | FluBot | ['Cabassous', 'FakeChat'] | apk.flubot | [] | 2024-03-25 | | | |
| | | BunnyLoader | [] | win.bunnyloader | [] | 2024-03-25 | | | |
| | | Gazavat | [] | win.gazavat | [] | 2024-03-25 | | | |
| | | FritzFrog | [] | elf.fritzfrog | [] | 2024-03-25 | | | |
| | | Dtrack | ['Preft', 'TroyRAT'] | win.dtrack | ['Lazarus Group', 'Silent Chollima'] | 2024-03-25 | | | |
| | | GhostLocker | [] | win.ghost_locker | [] | 2024-03-25 | | | |
| | | BlackCat | ['ALPHV', 'Noberus'] | win.blackcat | [] | 2024-03-25 | | | |
| | | WhiteSnake Stealer | [] | win.whitesnake | [] | 2024-03-25 | | | |
| | | SmokeLoader | ['Dofoil', 'Sharik', 'Smoke', 'Smoke Loader'] | win.smokeloader | ['SMOKY SPIDER'] | 2024-03-19 | | | |
| | | BPFDoor | ['JustForFun'] | elf.bpfdoor | ['Red Menshen'] | 2024-03-19 | | | |
| | | TripleCross | [] | elf.triplecross | [] | 2024-03-19 | | | |
| | | Stealc | [] | win.stealc | [] | 2024-03-18 | | | |
| | | RagnarLocker | [] | win.ragnarlocker | [] | 2024-03-18 | | | |
| | | RagnarLocker | [] | elf.ragnarlocker | [] | 2024-03-18 | | | |
| | | NewBot Loader | [] | win.newbot_loader | [] | 2024-03-18 | | | |
| | | SpectralBlur | [] | elf.spectral_blur | ['Lazarus Group'] | 2024-03-18 | | | |
| | | SpectralBlur | [] | osx.spectral_blur | ['Lazarus Group'] | 2024-03-18 | | | |
| | | AMOS | ['Atomic macOS Stealer'] | osx.amos | [] | 2024-03-18 | | | |
| | | Unidentified JS 006 (Winter Wyvern) | [] | js.unidentified_006 | ['Winter Vivern'] | 2024-02-20 | | | |
| | | Unidentified PS 004 (RAT) | [] | ps1.unidentified_004 | ['Kimsuky'] | 2024-03-18 | | | |
| | | STRRAT | [] | jar.strrat | [] | 2024-03-18 | | | |
| | | DarkGate | ['Meh', 'MehCrypter'] | win.darkgate | [] | 2024-03-18 | | | |
| | | Evilginx | [] | elf.evilginx | [] | 2024-03-18 | | | |
| | | OFFODE | [] | js.offode | [] | 2024-03-18 | | | |
| | | LockerGoga | [] | win.lockergoga | ['FIN6'] | 2024-03-13 | | | |
| | | Mispadu | ['URSA'] | win.mispadu | [] | 2024-03-13 | | | |
| | | Elevator | [] | elf.elevator | [] | 2024-03-12 | | | |
| | | SimpleTea | ['SimplexTea'] | elf.simpletea | ['Lazarus Group'] | 2023-12-19 | | | |
| | | Suterusu | ['HCRootkit'] | elf.suterusu | [] | 2024-03-12 | | | |
| | | Zeus | ['Zbot'] | win.zeus | [] | 2024-03-12 | | | |
| | | PrivateLoader | [] | win.privateloader | [] | 2024-03-12 | | | |
| | | CrimsonIAS | [] | win.crimsonias | ['Mustang Panda'] | 2024-03-07 | | | |
| | | Unidentified 115 (Nim Loader) | [] | win.unidentified_115 | [] | 2024-03-06 | | | |
| | | Joker | ['Bread'] | apk.joker | [] | 2024-03-05 | | | |
| | | Black Basta | ['no_name_software'] | win.blackbasta | [] | 2024-03-04 | | | |