_ .. .. u dF dF 88Nu. u. uL .. x. . u. u. '88bu. .u . .u . u. x. . u. u. '88bu. '88888.o888c .@88b @88R .@88k z88u x@88k u@88c. '*88888bu .u .d88B :@8c uL .d88B :@8c ...ue888b .@88k z88u x@88k u@88c. '*88888bu ^8888 8888 '"Y888k/"*P ~"8888 ^8888 ^"8888""8888" ^"*8888N ud8888. ="8888f8888r .ue888Nc.. ="8888f8888r 888R Y888r ~"8888 ^8888 ^"8888""8888" ^"*8888N 8888 8888 Y888L 8888 888R 8888 888R beWE "888L :888'8888. 4888>'88" d88E`"888E` 4888>'88" 888R I888> 8888 888R 8888 888R beWE "888L 8888 8888 8888 8888 888R 8888 888R 888E 888E d888 '88%" 4888> ' 888E 888E 4888> ' 888R I888> 8888 888R 8888 888R 888E 888E 8888 8888 `888N 8888 888R 8888 888R 888E 888E 8888.+" 4888> 888E 888E 4888> 888R I888> 8888 888R 8888 888R 888E 888E .8888b.888P .u./"888& 8888 ,888B . 8888 888R 888E 888F 8888L .d888L .+ 888E 888E .d888L .+ u8888cJ888 8888 ,888B . 8888 888R 888E 888F ^Y8888*"" d888" Y888*" "8888Y 8888" "*88*" 8888" .888N..888 '8888c. .+ ^"8888*" 888& .888E ^"8888*" "*888*P" "8888Y 8888" "*88*" 8888" .888N..888 `Y" ` "Y Y" `Y" 'YP "" 'Y" `"888*"" "88888% "Y" *888" 888& "Y" 'Y" `Y" 'YP "" 'Y" `"888*"" "" "YP' `" "888E "" .dWi `88E 4888~ J8% ^"===*"`
archive | code | zines | papers | apt collection | samples | supporters | contact
 ______     ______     __    __     ______   __         ______     ______    
/\  ___\   /\  __ \   /\ "-./  \   /\  == \ /\ \       /\  ___\   /\  ___\   
\ \___  \  \ \  __ \  \ \ \-./\ \  \ \  _-/ \ \ \____  \ \  __\   \ \___  \  
 \/\_____\  \ \_\ \_\  \ \_\ \ \_\  \ \_\    \ \_____\  \ \_____\  \/\_____\ 
  \/_____/   \/_/\/_/   \/_/  \/_/   \/_/     \/_____/   \/_____/   \/_____/ 
                                                                             

Individual Samples
Sample Download Sample Info
AgentTesla Who Is Agent Tesla?
Amadey Threat Spotlight: Amadey Bot Targets Non-Russian Users
Amavaldo From Carnaval to Cinco de Mayo – The journey of Amavaldo
Android.Bzy Chinese Teens Take On the Mobile Ransomware Trade
Android.Greywolf Chinese Teens Take On the Mobile Ransomware Trade
Andromeda Andromeda under the microscope
AsyncRAT AsyncRAT
Ave Maria Backdoor.AveMaria
Aveo Aveo Malware Family Targets Japanese Speaking Users
Azorult AZORULT Malware Information
Babuk Ransomware gang Babuk goes dark
BandarChor Ransomware Ransomware Report: The Rise of BandarChor
Bartalex Enterprises Hit by BARTALEX Macro Malware in Recent Spam Outbreak
BasBanke BasBanke: Trend-setting Brazilian banking Trojan
Bazar Loader BazarLoader deploys a pair of novel spam vectors
Bedep Bedep Ad-Fraud Botnet Analysis
BitRAT BitRAT
Bizarro Bizarro: a banking Trojan full of nasty tricks
BlackMatter BlackMatter ransomware emerges from the shadow of DarkSide
CTB-Locker CTB-Locker
CVE-2008-2551 Drive-by download campaign targets Chinese websites
CVE-2015-0359 CVE-2015-0359
CVE-2017-10271 Oracle Server Exploited to Deliver Monero Miners
CVE-2017-11882 CVE-2017-11882
CVE-2018-0802 CVE-2018-0802
CVE-2018-4878 CVE-2018-4878
Chapak Trojan.Win32.Chapak
Clownic Ransomware Clownic Ransomware documented by GrujaRS
CobaltStrike Cobalt Strike Usage Explodes Among Cybercrooks
Coldroot Meet Coldroot, a nasty Mac trojan that went undetected for years
Conti Conti Ransomware Gang
CryptBot Cryptbot: How Free becomes a High Price to Pay
CryptoFortress CryptoFortress mimics TorrentLocker but is a different ransomware
Cryxos Trojan:JS/Cryxos
Curator Ransomware N/A
DCRat Analyzing Dark Crystal RAT, a C# Backdoor
DanaBot New Year, New Version of DanaBot
DarkComet Backdoor.DarkComet
DarkVNC A short journey into DarkVNC attack chain
Darkside Shining a Light on DARKSIDE Ransomware Operations
DearCry Ransomware DearCry Ransomware and the Hafnium Attacks
Djvu Djvu Ransomware
Dyre Dyre Banking Trojan
Emdivi Emdivi and the Rise of Targeted Attacks in Japan
FakeDivX Compromised Turkish Government Web site leads to malware
Fareit Trojan.PWS.Fareit
FighterPOS FighterPOS PoS Malware Gets Worm Routine
Filmkan Filmkan: Mysterious Turkish Botnet Grows Through Facebook
FluBot FluBot Android Malware
FormBook Deep Analysis: FormBook New Variant
FritzFrog FritzFrog: A New Generation Of Peer-To-Peer Botnets
Gafgyt What is Gafgyt malware?
Gauss Gauss: Nation-state cyber-surveillance meets banking Trojan
Glupteba Trojan.Glupteba
GoSearch GoSearch Virus Mac
GuLoader GuLoader: Peering Into a Shellcode-based Downloader
Haron Ransomware BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
HawkEye Keylogger Revamped HawkEye Keylogger Swoops in on Coronavirus Fears
HelloKitty HelloKitty: When Cyberpunk met cy-purr-crime
Jianmo Chinese Teens Take On the Mobile Ransomware Trade
Kobalos Kobalos (malware)
Linux.Spike Linux Spike Trojan malware
Loda RAT Loda RAT Grows Up
Lokibot LokiBot Malware
MassLogger MASS Logger
Medusa Locker Medusa Locker Ransomware
Mirai What is mirai botnet?
MyDoom Worm:W32/Mydoom
Nanocore NANOCORE RAT UNDER THE MICROSCOPE
Neshta Neshta File Infector Endures
NetFilter Microsoft signed a malicious Netfilter rootkit
NetWire RAT New NetWire RAT Campaigns Use IMG Attachments
Networm Networm
Neutrino EK Neutrino Exploit Kit
NitlovePOS NitlovePOS: Another New POS Malware
NjRat Backdoor.NJRat
Nuclear EK All You Need to Know About Nuclear Exploit Kit
Numando Numando: Count once, code twice
Orcus Orcus RAT Author Charged in Malware Scheme
Oscorp Oscorp, a new Android malware targets Italian users
Oski Oski Data-Stealing Malware Emerges to Target North America, China
Pegasus What is pegasus spyware?
PlugX Take a Deep Dive into PlugX Malware
Pony Pony: A Breakdown of the Most Popular Malware in Credential Theft
Poseidon PoSeidon (malware)
PunkeyPOS PunkeyPOS Malware
PurpleFox 'Purple Fox’ Malware Can Rootkit and Abuse PowerShell
QuasarRAT Quasar RAT: A sneak peek into the Remote Access Trojan’s capabilities
REvil REvil/Sodinokibi Ransomware
RaccoonStealer Raccoon: The Story of a Typical Infostealer
RawPOS RawPOS: New Behavior Risks Identity Theft
Razy Mal/Razy
RedLine Redline Password Stealer Malware
Remcos Trojan.Remcos
Retefe 2019: The Return of Retefe
RotaJakiro RotaJakiro: A Linux backdoor
Sanya Linux Executables Deployed As Stealth Windows Loaders
Shellbot The Risk of Publicly Available Cryptocurrency Miners
ShinoLocker N/A
Skype Worm Skype worm reloaded
Slave New banking trojan 'Slave' hitting Polish Banks
SmokeLoader Smoke Loader
Snake Keylogger Snake Keylogger Slithers Through Malspam
Stegoloader Stegoloader: A Stealthy Information Stealer
Sundown Exploit Kit Sundown Exploit Kit
Symmi The DGA of Symmi
SynAck Ransomware SynAck targeted ransomware uses the Doppelgänging technique
TeslaCrypt TeslaCrypt
TrickBot Trojan.TrickBot
Valyria Valyria Trojan Drops Emotet
Vermilion Strike Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
Vermin A deep dive down the Vermin RAThole
Werdlod TROJ_WERDLOD: New Banking Trojan Targets Japan
XCSSET XCSSET Mac Malware: Infects Xcode Projects, Uses 0Days
Zumanek Zumanek Remote Access Trojan Threat Intel Advisory
Malware Blocks
Direct Block Download Torrent Block Download File Listing
Block.0000 Block.0000 Torrent File listing
Block.0001 Block.0001 Torrent File listing
Block.0002 Block.0002 Torrent File listing
Block.0003 Block.0003 Torrent File listing
Block.0004 Block.0004 Torrent File listing
Block.0005 Block.0005 Torrent File listing
Block.0006 Block.0006 Torrent File listing
Block.0007 Block.0007 Torrent File listing
Block.0008 Block.0008 Torrent File listing
Block.0009 Block.0009 Torrent File listing
Block.0010 Block.0010 Torrent File listing
Block.0011 Block.0011 Torrent File listing
Block.0012 Block.0012 Torrent File listing
Block.0013 Block.0013 Torrent File listing
Block.0014 Block.0014 Torrent File listing
Block.0015 Block.0015 Torrent File listing
Block.0016 Block.0016 Torrent File listing
Block.0017 Block.0017 Torrent File listing
Block.0018 Block.0018 Torrent File listing
Block.0019 Block.0019 Torrent File listing
Block.0020 Block.0020 Torrent File listing
Block.0021 Block.0021 Torrent File listing
Block.0022 Block.0022 Torrent File listing
Block.0023 Block.0023 Torrent File listing
Block.0024 Block.0024 Torrent File listing
Block.0025 Block.0025 Torrent File listing
Block.0026 Block.0026 Torrent File listing
Block.0027 Block.0027 Torrent File listing
Block.0028 Block.0028 Torrent File listing
Block.0029 Block.0029 Torrent File listing
Block.0030 Block.0030 Torrent File listing
Block.0031 Block.0031 Torrent File listing
Block.0032 Block.0032 Torrent File listing
Block.0033 Block.0033 Torrent File listing
Block.0034 Block.0034 Torrent File listing
Block.0035 Block.0035 Torrent File listing
Block.0036 Block.0036 Torrent File listing
Block.0037 Block.0037 Torrent File listing
Block.0038 Block.0038 Torrent File listing
Block.0039 Block.0039 Torrent File listing
Block.0040 Block.0040 Torrent File listing
Block.0041 Block.0041 Torrent File listing
Block.0042 Block.0042 Torrent File listing
Block.0043 Block.0043 Torrent File listing
Block.0044 Block.0044 Torrent File listing
Block.0045 Block.0045 Torrent File listing
Block.0046 Block.0046 Torrent File listing
Block.0047 Block.0047 Torrent File listing
Block.0048 Block.0048 Torrent File listing
Block.0049 Block.0049 Torrent File listing
Block.0050 Block.0050 Torrent File listing
Block.0051 Block.0051 Torrent File listing
Block.0052 Block.0052 Torrent File listing
Block.0053 Block.0053 Torrent File listing
Block.0054 Block.0054 Torrent File listing
Block.0055 Block.0055 Torrent File listing
Block.0056 Block.0056 Torrent File listing
Block.0057 Block.0057 Torrent File listing
Block.0058 Block.0058 Torrent File listing
Block.0059 Block.0059 Torrent File listing
Block.0060 Block.0060 Torrent File listing
Block.0061 Block.0061 Torrent File listing
Block.0062 Block.0062 Torrent File listing
Block.0063 Block.0063 Torrent File listing
Block.0064 Block.0064 Torrent File listing
Block.0065 Block.0065 Torrent File listing
Block.0066 Block.0066 Torrent File listing
Block.0067 Block.0067 Torrent File listing
Block.0068 Block.0068 Torrent File listing
Block.0069 Block.0069 Torrent File listing
Block.0070 Block.0070 Torrent File listing
Block.0071 Block.0071 Torrent File listing
Block.0072 Block.0072 Torrent File listing
Block.0073 Block.0073 Torrent File listing
Block.0074 Block.0074 Torrent File listing
Block.0075 Block.0075 Torrent File listing
Block.0076 Block.0076 Torrent File listing
Block.0077 Block.0077 Torrent File listing
Block.0078 Block.0078 Torrent File listing
Block.0079 Block.0079 Torrent File listing
Block.0080 Block.0080 Torrent File listing
Block.0081 Block.0081 Torrent File listing
Block.0082 Block.0082 Torrent File listing
Block.0083 Block.0083 Torrent File listing
Block.0084 Block.0084 Torrent File listing
Block.0085 Block.0085 Torrent File listing
Block.0086 Block.0086 Torrent File listing
Block.0087 Block.0087 Torrent File listing
Block.0088 Block.0088 Torrent File listing
Block.0089 Block.0089 Torrent File listing
Block.0090 Block.0090 Torrent File listing
Block.0091 Block.0091 Torrent File listing
Block.0092 Block.0092 Torrent File listing
Block.0093 Block.0093 Torrent File listing
Block.0094 Block.0094 Torrent File listing
Block.0095 Block.0095 Torrent File listing
Block.0096 Block.0096 Torrent File listing
Block.0097 Block.0097 Torrent File listing
Block.0098 Block.0098 Torrent File listing
Block.0099 Block.0099 Torrent File listing
Block.0100 Block.0100 Torrent File listing
Block.0101 Block.0101 Torrent File listing
Block.0102 Block.0102 Torrent File listing
Block.0103 Block.0103 Torrent File listing
Block.0104 Block.0104 Torrent File listing
Block.0105 Block.0105 Torrent File listing
Block.0106 Block.0106 Torrent File listing
Block.0107 Block.0107 Torrent File listing
Block.0108 Block.0108 Torrent File listing
Block.0109 Block.0109 Torrent File listing
Block.0110 Block.0110 Torrent File listing
Block.0111 Block.0111 Torrent File listing
Block.0112 Block.0112 Torrent File listing
Block.0113 Block.0113 Torrent File listing
Block.0114 Block.0114 Torrent File listing
Block.0115 Block.0115 Torrent File listing
Block.0116 N/A File listing
Block.0117 N/A File listing
Block.0118 N/A File listing
Block.0119 N/A File listing
Block.0120 N/A File listing
Block.0121 N/A File listing
Block.0122 N/A File listing
Block.0123 N/A File listing
Block.0124 N/A File listing
Dump Collection N/A N/A