-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathmalware_hashes
364 lines (345 loc) · 20.4 KB
/
malware_hashes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
# update from 2020-03-25 (hajni)
# source: SophosLabs
Files /Hashes Detections/FileNames/Comments
003f0cf91f42679066aa56d04b13b2b505699ec5 Covid ransomware
116c53f92ec5df35be5ddc5dc1b1d86209a126d8 Upatre
1d514ff47775fcea0777e7093d0293418f398281 Coronavirus status.exe hxxps://gisanddata.maps.arcgis.com/apps/opsdashboard/index.html#
21c9c3ab3d65ebf98155d247b99679dc78b69cc6
21c9c3ab3d65ebf98155d247b99679dc78b69cc6 coronavirus.vbs VBS/Agent-BDZG
2841ac71665c4af28934fdb2e49256a22ed1a417 Coronavirus status.exe
334160b2dcbbec12712daf1d39b257e64e97af64
3d1ac2ef4bb3adf0a7f5319b3d17e565f2889da4
6325ba540232f561a67e2f5a59a7a2cbfd126cc1 Troj/AutoIt-CYW, Troj/Steal-KA, Troj/MSIL-NZP
670cb5d18f1095ef68836251e509a7a0faab5502 VBS/Agent-BDZG
8926009b3d9c76ec9f30a42ac149621b5a722a2a Troj/VBInj-WR
ab2e0aeb33bf617591fbd73353754a94c87f1547 hxxp://browserinstallup.com/1.7z
b69e66d344d323c2a163121b5b52dd92ff2c36d6 Troj/Steal-MC
b74f9f968850665632f91c1e3ba08a10d4980711 Coronavirus status.exe
cadcbdbfb3e8abfa3d513330f91cdd4669540c50 Troj/Ransom-FVT
de0f224e3f69ddb134b86137346780f816285538
ee69dee860a6851f438f17b348fdcfc7c854719b Java/Drop-CDQ
ee69dee860a6851f438f17b348fdcfc7c854719b
ee69dee860a6851f438f17b348fdcfc7c854719b mapdirect.exe Troj/Steal-MC
f3c41a83f02be6bf966756a1166f4ec7bcb88acc Troj/Ransom-FWJ
48d21b26b4bae1a8ed0af551fa972fef5f556838 Troj/Delp-CQ
# update from 2020-03-25 (hajni)
# source: VTI
0a2bb49d5ef5ff401b787032e71149272e29a76b14c2d99e3394c7780ebbe15b Company Name: hxxps://www.covid19crypto.com App/Generic-HO
0d7bf287d5ae6aacf5e7e0ad6c355f3b37caa8e48de843ef72abc212ae99ddca Mal/Generic-S
198295573b6bb58a2b42ba6da0760904e79e3f42c087fc7776415a9242b626f4 Product Name: Covid-19, File Description: COVID-19 Miner 0.0.0.1 () App/Generic-GK
1ae52affbb92ea7a4dbe175913ce2d60a1545fd4c87aa24d9fcdc2702d7f3ee2 Troj/Fareit-KDF
1b16e31bed19d05639f8db558f91a6d55214b952e16b29a018acded05f8dd5ad Mal/FareitVB-W
305de844143648ff85b429ec3ffb3c1af1ef78e430c701071385d06435a41e5f Company Name: hxxps://www.covid19crypto.com App/Generic-NM
34003424045fcd432882d2bff19507c82aa170eddc80f343b8c341f1b8c115e2 Mal/Generic-S
3b3da7df19d10e68b6d54fc864ec5f041a2d95ca56fc8c0e07f8746c67aa63b9 Covid-19 informer.exe Mal/Divoc-A
500cc6d2d18f3d90c9d028e6ed638c9d5b45cb9beb122efc81249d774ed8fe8b Mal/Divoc-A
67117da1c287c87c2fd3c78195aab73299e2dc3351f25864a47a78e80585773d Covid-19 informer.exe Mal/Generic-S
7a9ed9f22a57bcef35335e9ffaee50a21430a6df4e1503a72f3eccf8248b2031 Covid-19 informer.exe Mal/Divoc-A
94d980a69355ef7357ecdd451d62b4fbe7bf73baad2f4de0d1cfb8bd80e30b42 Mal/Generic-S
a0cbc38c83fa95d6708fd999d623aaa97fc8faddde5de0dd40bcc44b69a8984c corona.exe Troj/MSIL-ODB
a2965900b82962ec41ab7eec01c3eaf95159a6d0b5a64542312724ffdcea7810 Mal/Fareit-V
ad3473ea618093a08426c49c0adcb1eb8ee56823af2486cbe3c7d6fd5036d0a4 Covid-19 informer.exe Mal/Divoc-A
b298cac5d1ec32008df574fb6c5e8f8ead29eae727d75b6cf1d47bc562d8764d Company Name: hxxps://www.covid19crypto.com App/Generic-OK
# update from 2020-03-30 (hajni)
# source: VTI
37dcfcf02e417943004eaa959a4cd5649d57d0d0bdad8405afef8ef1ca4e2637 Mal/FareitVB-W
566841eda529f4eedf5a734d92b97ea34f34ed2196cd258221c1c46d958a0b28 Mal/FareitVB-W
58d3f184c2931513d43802dd700f3ca353abd80bb30d0e11a0104f6abe58a8ce
62dbdf22df86752b88a2fe2688ab055b76a3f4c0f1528cf701ad3bdaaeaa4fe6 Mal/Fareit-V
77ccc8e4098cda8ee5e2e1933a3c5e630e56b1ba17550648f0660c3977d0ad08 Mal/FareitVB-W
a0cbc38c83fa95d6708fd999d623aaa97fc8faddde5de0dd40bcc44b69a8984c Troj/MSIL-ODB
d838aa8907841fed567b39f3e314c499822fbc857c4edee63c05897f6709258b Mal/Divoc-A
da26ba1e13ce4702bd5154789ce1a699ba206c12021d9823380febd795f5b002 Troj/Fareit-KBO
e2583bb6af234dd1e2f4eea52c2446822152442e8cf27b88f526b5b6f7cb196c Troj/MSIL-ODO
# update from 2020-04-02 (hajni)
# source: VTI
0074dbe937cc0efcd5eb38e5c214d6c20cc0b055e80a21d74fc84fba4ed908fc
039b7203f9905d265d07a6e295a9def87f104f8db419a20ce57b921363e55dca
04e1e77d53bc0f8086974f5149e09e865a19e270abc182fe776dcd7793e08b1a
052e19392c73c979c31554983a4aed5589c4ece553083dddfb4fe14ee55c440a
09074d4ea889f58beb5c6873b671b8655ff99c6677fe77bf8ad317dfe8f947a1
0c56120d1ab3a655df61c92eb9c46cb01e1a9332e63e777fd01fc5759cd7e234
0f2fb92d86cbb06bc1b0097468cfd561f1e51aae50fd6f22df3453583e0ab7d6
17a875f2105979aa542145a8e07d4b5b4c73bb6b36c3cc20007714739a021d51
1850e864ab4729284d9fa172084db02fad035cf94cb04cc86d7e5eb3abfa702b
1a0c69309f3cb0178276f2046cabeaff06d2799b2383a96dc31e5ec604703c16
1ae52affbb92ea7a4dbe175913ce2d60a1545fd4c87aa24d9fcdc2702d7f3ee2 Troj/Fareit-KDF, Mal/FareitVB-W
1e4ee522608d7180786a6944b9b7faeb3fc81c2ce337ac03824fc332e9fc49cf
22c79b1b5f13a1133cbff7f937d3f87e03e7d5b335674a776a8a5baa2d72e334
26abb5211c93abe014769807c1fe9802257b4a9851cecd592391ce7a8a4302b2
2c86f36afe288f0c14e3fdb80f130975dd009cd63f266b9eed1d75251eba41ea
302f7e5883553256723ceed949c932662bcc4d7f628d378bd4109118e67bc915
32b74c535ad1ed22d831dc19c2700035bf983fb58fa0aea9a8503fafd7cb0ca7
3d979a61a18d61fcf1a11ca3ae431504344aa4095f341653ca1f02f7d1290ae5
3e6166a6961bc7c23d316ea9bca87d8287a4044865c3e73064054e805ef5ca1a Troj/NanoCo-AIL, Mal/MalitRar-I
4242b7ecf6c53a0625bf1828a21eb604e328c5218161e698fcb815ad2dc597c0
46a90e9cccb58922445301bcf41e8d618633b053c89ba03a5eb74b095a63d6cb
477678be6637d6f5d8f0b21c5af7b8b5a0cf1241de4dbbb85653424a56da9402
4c1d3e76d90f58897ee1a06b4c150d4f8a3203f8ac29e821837bced1e3a57d80
51f9de698def62deed366d1052de980135828c2eb2bf872dc5c8cdaddfc65624
54dda638bf77fdff6402529ec5858b99dc3a221ac778c3a1eba6626751eaf9bb
54fb2320e562ad8821bd03ab946d4ec40bb53a36697633d122bbd52ebb2eb1d5
55361264bafcf9eb9fe98fd6026391cce8c9abef05850a2e695c1e950d5725ef
57b71fd96dc4c9e0eb8c0e079367661cb0c81cc4a5d461c7c8863ed96de8af3a
5826b7257abbd4414c6da7018b937cbd48b56f94726d79a6dc04b2942428aeb8
5860f31818611949f483789d575b7cf8f0ff5620a72a7e9142fe5a2d6dac5de3
58e55868460722cf4acccec6a4a79d5180e22c87cc79d0e07bd88f36042eba05
5aae26bb04ff96481c63c4617ab4d5bad13fdff07a2ffbb318272777416c2578
5d14706f7441f89c9a988cf2059897e29177508d0c594a3209145918174741e0
5f5443939a6d56411bdfa10cf805d9d9beac2ffe95a780e3b67894fb15d803e5
60d368d3177a6bd1a4832782155bcccd596e15175be6a47823d3d908d3e064b8
60e9dfe954acf0b02a5b35f367cf36ae2bc9b12e02aa3085495c5d8c4c94611c
6317b208a5c4238fb123eb7b44bbd12df20f42779d740c843cad5fbba8a671a3
63b811bacc795a3a2b0c1833b14cd3e4b076d605f8d31a4a3ea754619d13b596
64146fe00520179f9652262c722533c30eae400c15f9019f560708ba7684c535
64c71d8aa407330dd9e2032ada7a9a5a045046f5ebf0787aeea97405aca24d45
6534f878249c98ba61089ecae5926346cc53511a2d8b8dfd631dcd45a5cc8c3f
65738700c0d5d6e59e2dec4d93d05019578d6cbde764d9b42822a600b2e19a3a
6917b4cebb960b7bf91a32a34a30d3680f48b7389ac3894f9e2832ddf0ecdae9
695a0bf29f4537f4cff4c98c627913d82bcc9a3e5221ae57a9b63e069223d907
697e868e3421b24f28636492e2acf1920e9dc6376ffb66634b746915a47667b1
69d7cee60da693751748fe06bb177ae3d70ae946239eb32f61e25babb4a7e4c1
6a1c00c82799abd5ca310042cf5814a6c2c3599849b583910ccf60826c9499e9
6a947212fc6343017652f323a2cafe7845dbf2e56bed993c0ef8f2b3ab99f028
6dcdca37851e59bf5138c97cb99d75171c7bf4c04dfd5d5164aefeef950dd534 Mal/FareitVB-W
7602ef063bf7203b635274afea6643df3d8a9fca33b1c82a8d763e7907fe772d Troj/Steale-TG
77a18d69c7c9169aba30c2b37171c7336693e522e4703cb86c24724bb565853f Mal/EncPk-BQ
7831a097cd82165a90d768f3d79fc24982e5a34e78697c44bb66ca55f392b065
7871acfc6f5e839cb764fd120ee9cec7585ead0d4f4e5b1c526baa6a2b936d29 Mal/RarMal-E
79948a9b297eab828992c829f2f3c67ee7bab099c5fabca61d12336c936b4eee
7b2adf1c8ff725d7dd61b0fdc3ef9e6e3a8bd1b744fd209290a1bf65f9b9acb4
7c0317d2b6d6b915bb1a343f38ceed323dd6707f8cd6eb73c3513fa840aad5bc
7d69779682f0f881aeb872afe15e7739361649387003ad1ee3cf9deb1692bb28
81ddefb34cca62c3f988f9c3128221278eb8f1af0147112fa983a52fa131669d
86c5e225b1c4df0b74dbd4bc8ab5337a73c5ac10eefca8281c08e684644df9e0
8736c00dcd6045f663308f839053b1a38c47ab0f891c748879903dbdee874df7
880b48dd4db9c59c37e8ba48f11b7aabc0990413f3808fa19df9c913e6831ec9
89afc8556420dc6ce287d7911e2aed787479e26d9d91efe5840e30029a7335e3
8c9767de004fac7be4b4e6bdbde6981e4227de59b0dd165e8ace4b88b53f76bb
8dff440575f32c8e1343cf2360c864e5928b70ec28509a09e59ccfe20234904e
913474b552963e6839815bde2002f8aa0f5df88d5c9d01c83ac2e46d82b67cca
93de31803ecffaf124bb78faa53d21793e3213cca356457536227a4d69163b2e
93fb5df147c1af971f4f601145b7eac3efc2699f9a6a57b0f879271ce9d3c28a Troj/Steal-LG
94204f6ab129e36a02ab80df8ec2fedf50df31bf3dbafc03be052771a96f611e
9a7de2ce3a62eedb43ad0ecbc9cea04063b1b27a37377684b3375178a0303401
9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
9c65e23699ed0a8cf018f39e9c1d7cec347c11e71d84b96c85b006bb8833cd8a
a08c6a65851bfe6b9c33d42c54d64869293f6119f9dd94cc060c8233e647568a Troj/NanoCor-BT, Troj/NanoCor-OC
a21ee1ab30e60500399ad6b58697c4f7c38a8595fd043465ae954e1e026a5fd2
a621cde9778f6fe594633e515e55db31e70aab2109d72a12ad14e502dd873ec7
a6cc856405546af76f769ae3148e782571675af436ae9701c17d081266d6c835 Mal/FareitVB-W
a6cf05f1629ac05fd96e9a535de21a9112c854de8e39f3cd407143759e656b71
aa08ff9dab678ca12b93b736e9c19c3fb03a2d9398509d228eb51990853f5638
ab97476ff5ff1ae380bffc8b8cd23f7a95bde04ee647e48ddb6bdc2c508b81ba
ac09ca9baac0d903a13e404464b402fa225b2777f7eca3e89f74fb5fb68121bb
ac2878b53c2f0ed69fc18d9e3d28ff40f68e9dc1ce4288f8b93e3ecb44860d0f
ac55c5cd2c912812a818fab1a70821eea21c50ce12231f3b206e194b3491ca13 Mal/FareitVB-W
af25fc16cd9aae783ca82d2a5841082d59e2ae5d12063c02d62e120c347b7bf3
b22bc9fc0b776a0bf7cff49eac730154e39eca0130e235f502bb295b1487bd3c
b48693ae97a8dc32e72c360c619a9ed82e52c5e5f3fd8ff0354a6f6bbf5ed0ff
b5be9fa92273f714b275d86ee6f739459de1f738de20f0355c5a893fb3998375
ba4ce480941af5cf8c40d473405504ee28f6b317d31fa5e3534957e90ae28f03
c2798ad9a095c5d5ae5485cbd109134dd05e1be4a00cc98b89318ef97d3db4e4
c69453b690e346e111684ff026a0252fb7eaef9ba195bb30a207dfed0fed38e1
cb71541005c0a8dfdd7d568ee9e03ecc22d8b03ad299ef4642f57d996b9fc2a6
cca180c186f415db56b7f870994010db7e678615e35ec3d630e3b81355bfc1be
d3f86eaa54136d07b2620b450cba9373706dbff691c017a68e124fcd35f1f719
d4c36446a3e547828bb3150e914a9d4b47a11acc8eaab4443dd32f92badc0723
d80657fc4282507bb658094354fdefeaab34c4ca320f087c855c3bd6a3a4391e
dbaa68c1af55b412badb6733e084b7ca4c560e9b50dfcf49c2c9db3043f0bc4b
dd6d92303bf5ba37204b326c9500213ffbe75fde1fe11715363ceec895258a46
df1586f069b464d76866fec6112be50a133204039dced7faeba57503fcfc0603
df64f0f3d7e354f0f2adddd903f709e4ef34ed58e86b453fd24180eed1b73668
e23283a8987ff031442355e9d85619cd73f157bcddbc413fc518f11e8ef6432f
eb5a10a4e4ddd8297a74d48151bf8b6ba113e7f81ecd9714c2186296d5fffc7b
ed3cf8322d743f0dcabac0e416bcaac12f3acf795cc698686ea460acf7977da6
ee1b9989e19b9a55d04741a5a263b68d65c8bbabee62a18d7fdcfece5063f474
eecce17e203ade00b45a21a0a81c58ef049b9f716a6f5dc84e7b86f1326de926
f145b0a95882ddaf58ae1851bc8fa3d6cdd2d4c87a3bba9d65efbd5a4137bb6d
f3138a57d62a63c085cc16aaeb8ae6441a2a8c44d54f06777a5aecf5de655da0
f354c2eddf42f594e24574a578f72ef38fde3da21699edf06df0c8b20355b35f
f4ea92ef9a1d740882600757d278df1527d74fd1995745daeba7bf26efa96b04
f55dc56dc33772f798baf204298f92e3ac82087f435dff11bbf1ee1facbc6539
f8e041bed93783bbd5966bfba6273fe7183464035ea54fe1d59ff85a679b3e3e Mal/Fareit-V
fa1ce743db394e7c4728c53e4ac62a489a0077cb60efc7d36d42cc693bfc448a
fc125703763a3eacfe1e4d804c799dd55d99fce35a167788379428b61bbb8c65
fe7ef31fa2f238d6c957669500fd8fd4d0ba228a52cc2f6b012ba3ee2362a600
# update from 2020-04-02 (hajni)
# source: SophosLabs
005b4c91c8cb9a7322de7b1a693fcb206e46cf36
025baf82fe8fa23d83d11b7d4b66433e98a2e71f
058a59580cd1ed832af5f0aa7a30c07fb2ac7e24
06cd26565eeadb621470a7358774268da1c73d76
0e2f9ae5d6f6055bda0bd06b37356585b652b251
1066bc00049191a1df99b24ef7756cbe00bbd63f
1104e9084af62689edb32f20777c723f0804e241
1557f5885afd7023f6b0ed04560d9d023fb33752
183ea400c6f9dd4efadbe6f8a9b2093710026f3f
1d4313e81a64b9fd67d4e3f50b40a8704ca016ed
21b4383de03bd08053e9cecc55ccf4040b3c7b86
249dcee642d22c54450dc48df237cf02662d2977
291307b0709a0739ba917152d016c704e2925877
2a1089e6e9dd72b10a363166a8a06b6fd7391fdd
2a9f57d18ee818d3e9516f832ae755e5a30240a4
2ddc263f0215333f52bdb565ca2bc143c00746b2
3179b07d11f65a1e17eb76e77a6249322051ac58
338faf59ad96b3a6574b6bef89a63fcc93fc58d7
3d1ac2ef4bb3adf0a7f5319b3d17e565f2889da4 Troj/Ransom-FWN
3e997675b0df2559f5c36fc1acfb43fdb5153aba
407c449e6a78ed0b945868f10b596bedd86e6402
415d7e918ba0590c53e942a978ff12d620b694f0
42f5205a1b26d6223a1988f561bfb5cdef702ff9
435b151147788514b87408de53a072eec13268ec
473e4a3f73f56d0b3e4aa9a490091b0cfe566ffe
47cbdd6e8bd5233bb8d3c190788ce00bfc1e63c6
489fefbce2bfc31ede88291442a25f65d70f4080
4a37e4d1b9ec5952eaa9c65dd42243ee72e100f9
4d0edfcda56a2181623d571cab153f906d54a637
4f97c56bf276a3fc851d9df10d7cf015a2555fec
500ba2b3b2cea3a84d34e178eecdd8785c800e0d
55e82669937b0d3b86ad056d37931511cc2c7fcc
5640552de347ea905c86fa0f845a43be3d2b5c6a
58ce57ddc53bda3ef616bcb6280fef186770f349
5e353c221ad8c362e1fdb473a0ee0e9a3de41831
5fe0a6296a940a4f6deca6b68a27b5278fbf0934
61c72e89780e9a92550f2956f58ccb1151d602b2
62e8d89c00284649c9b098c50f255f955807e7b9
6423b2b05ae7abce99dd00fe5b05d36937ae9126 Andr/SLocker-CX
670cb5d18f1095ef68836251e509a7a0faab5502 VBS/Agent-BDZG
674e2b44ad98ce87e75c3973baa32d1d4cd628b9
6b0ccab68b69f65484056fd32ad0943ad8399071
6b494e5f7caa8b017fdd28df969104a8da7ad15e Troj/Ransom-FWN
6dd856bca7faf12c8f1ec11df9fb38b7078b1bee
6dff1ca664b54ff549b8d2d519640741661c0859
6ea9231015253dbfedb812b562bcdff734a3912f App/CovidSpy-A
722fdba9714d23b1e550811852989f25ee2fe849
74fb2bf5ced1d3475b7867bc2739c4e99e4370f4
75dae475675cff4ba4663824e02b4031fbc53a56
789ba68607e0059b75eb7c325fb5f4db30a6694e
7b6e409689f947a387c28a06909aabd17e325ca3
7c0aaeb5c6d5a49a28b320d558833135595b11d9
7e5ac2362b1d8b35b586c74dc1c6456957bf3eea
7f5b85ac264f88bb9df85b4b2bb80da774b3f993
821e48ea187091a865c2922e0abf7b2fb960693f
8298d94d6e94c751f1c7295f437e444dcb9dae0b
87aae46425e5aaf6be4afc4f42a6d8cdfa261973
8926009b3d9c76ec9f30a42ac149621b5a722a2a Troj/VBInj-WR
900515ed1c8e56bfc4636f0fc369dd9090fb7296
9572fd68b82cbe93e400f1e4c66b34ce72e120ad
9661341ef8fbdb08ccd0ede62af417c6633162cc
96b69d0bce67c7609cea63269946060c8c061f97 Andr/SMSSend-MM
98996cfda20fc7aec97bab22472b884b20f6ddd1
9b995fe1c9e94cb5a92687634f13892028de4ce3
9c1a44b012126478317202b5a775904e072b0e53
9ccb5bdcbcbefafd29632793add7c904e19937f6
a35c12a07a3d9219c17410206e6299d4ad73f25d
a50469b881ec9beb696f49b0d275e5c9c7ab8051
a67677a640b111c60eda437400694000f914ba72
aa2c717bc19e57029c9affa2cc76fd6cde48f1b3 App/CovidSpy-A
afb7eaf4dad4372f633785fc0cee2c74bfaf7660
b69e66d344d323c2a163121b5b52dd92ff2c36d6
b702a908032f50f071296c75a9a48b3998c6481c
bd266bce8bf7a672a559bd7bc713cb491ac1fba8
bfb73759fa19b365165be44a3ff52ad83249b851
c129517b6c09b85a34440b271846ea9e46fe8e84 App/CovidSpy-A
c62f5acff6f19742991410b8c6e461c18fa2a82a
ca7e9dc7c321be6c74dfeb66617c552c13386ea8
cadcbdbfb3e8abfa3d513330f91cdd4669540c50 Troj/Ransom-FVT, Troj/Ransom-FWN
cbe2897a143bfabd18f48884cd9e994cbfc3f927
cd96033f3654307c10e6e38ce883f06de910ad86
d0b4f1d563e5820e282778e6e1ab80c415fed1ca
d28ab4d5017bc8ccaecf214d2104eb4f080aab08
d3b2630a51d07e3a360fbca11ad67b68667b062c
d50315cc212ce7575f3a11cef9b26379c4c2305e VBS/DwnLdr-ZSZ
d7dcbae314d00f3b5c0fd4fee81178dd0a9a5b03
d98000b51caa6df6e5a85aca05359c8398e3aa85
dc3a48b59fc434d136742d08bcfc9fbbb834136e
dcbf32580d6c4f174b5df92185579902bcf5fe44
ddf3c37e30bc05e53e9f3d7d1de8fb88ee3f844d
de0f224e3f69ddb134b86137346780f816285538 Troj/Ransom-FWN
eb825fe566d3cc84cca537831e9fb3a8187fa57c
ee69dee860a6851f438f17b348fdcfc7c854719b Troj/Steal-MC
f03217490c7223dd897136a3a38b3d4d3b9e52d1
f1271aa0ccf79d16b036bac5320ed4349af69b65 App/CovidSpy-A
f178e5f8110e7946b638221e67889b74b9e2e88c
f1fc30b17e69e749ebf652f1e501645aa8643732
f3c41a83f02be6bf966756a1166f4ec7bcb88acc Troj/Ransom-FWJ
f5d2e0661b5499f518c6d7c7074977ed6df7cf33
f5f523afd0ec76f4721a91d30a014bc400cb60b5 Troj/Steal-MC
f631b8641426eb424829d3da23cb5cd600f55710
fcaf3a6b783de132854bbe6ccba49359e77820d4
fd77b5dd0ca45d110a897d650e9fb146d4b4aae5
fd90006935eee8ce9208c6812e44801cef61cbb2
# update from 2020-04-15 (hajni)
# source: SophosLabs
7f074da30cf80ed80b347caa11ea4b58b72f0888 Troj/MSIL-OFJ
49647f7087a26e0fd6cd98f2f503bb09aeae0c1d Troj/MSIL-OFJ
4399008e558b39440a6e1394f3663417c5288885 Troj/MSIL-OFJ
e55b206541c0f903603fb334c30f9278f66d0053 Troj/MSIL-OFJ
2e010c31b0a410856b662cd05c5cd0d7e6f5e011 Troj/MSIL-OFJ
13a0434c8c1cd596bac7745d3db46e1a3196e74f Troj/MSIL-OFJ
# update from 2020-04-15 (hajni)
# source: VTI
003cac706fca0515ecf2dde6f0f4c9bcf4b2903e7309bbd3082221f792422772
0a25acd4beb150c5f119a3cfb4bfbb59e6276aac8a17d7382e62036f662b3c41
0a6f58799573f8dc4cab3ceb48832902460b893bc5607cb77ade332b7d4f3a91
1039184e776d2aa1025bf57bfeaa4c1b6376dfaae0e849a87f7ca7f8ddf4303d
13ead80b170b44ce9aff00a2e0d4bf2d6974514574585bb92ec5531362eb822f
192d0e2d2aa44cbefd31439f2eb03d386aa1721964d1fd05f839cfb10b7fe01d
19d43e6729a0302148316c7a56206b63eeaaab7d7531f6e7b5ce7fdb2998e75b Troj/MSIL-OIA
1c2a2de4b079eedff7aede6a2e8ecfbc22280d86463c3e06f0ee35948bcfa78e
1c9e59d306351be0459bf1d2a780a4aead7bac853d19dd8deeac6cef09e814eb
1f823b25d66c787d8ecec3ffe3122cb2bc0a00334decd980a644eeff01e3c267 Troj/Maltor-A
1fcb657bbf6915cd7cf1d2f2b0fa457d3d62532bcc53d6354ebb0cb5df1d3b7f
21fdab0d47a07cb79ffa755a9c5e1cda4cfa4aed7923fec21375eb0015cafa5a
225ef4fffc17358aca8fc8ba18de30ee9f3bc21a2cc956e7a5710f8a99351cd3
245b861fb802902aac447e9d32c35f741928cc733f83d584829c1328a7460bc2
250339032afe02c36d5705f95f6cb97b3ba7ad6259b31f65652c2f4d4a10281a
266757bb15e4b7cffaa44045896c8ff4118a1d75e8ccbe4a9730bb6179f2bd32 Troj/Ransom-FWX
28fe0dce8ec6413d1be12d6ff26b1ec9d2b753339e1e54c2345268d3b4a86b4d
311066c568dc29f96aa4eb47fa811135ba25f06f5cbee062d893f10e1761b249
37195dda508f7fb46a9c1097ab765b88a48d2bc97be2106a12526c6a043eef0b
375242e87513b8b2867d4f24c0e83e79a28adb98abc0b948286027af60ffaefc
3a7ff30bf0e05419f72ca60a9caa6033533d64236682557bdefd755cf72d5bfc
3be27b7edae6b4f3783e8f42aaad8d7dd73cb3ada76392d548ae03a487bc9e8c
40a28bcd44a3348b0c698efa5cfd48bab8553e31202816ebecf62d23880e78cc
4d02a7969e34cdedb37997496c951b9e37f40eb8228deef6e436a3781ce00966
4f91c8f0436e911bef6f4736b6eb604ad130d9550c3a812e392f3fd7f349c613
56bccc766034660a8d7e4b0551bbf8d604725f85163059eb5d39d3f44b982224
5e3e874b7f87124567d4716a6f0e8d696bae261550b399649a9fb3a85f2e0d5a
66fec3cb320e4c0e2ac1dde740bc27c8a4b2b1a81b6ae77951e66ec032461e31
67eba510a4f1e3585c990398d94f3dfd051701043bb3ed5141622b55b1c4d889
684a8971fc528c9e99b2407ca0d3e4b0bcb50361ceadd584c62a6f36eaf782c7 Troj/Remcos-DI
72c778e362c5d0c2eb52a70107c868a4aa52c1e5a87e363e63547fc871d94583
765d90f80fa1fe7f9c91cc4f8e7783bd6621a33a7448957150fd5454534b5837
7789f6e448a70d079e28ae36447e17b4ad88f7c4065f40b2506a427094705e01
7d3c96cf5e202e636d9efb5b740f0e257c80fa5658d153d5ef9ad653bdc3dd42
823f92ab9007ce600f20b5e57c4ba1a31d0e076cadd473154168ef5eacc6490a
83d1b796c474245c077eae07daf47ee996632dad12295fd366e6f8b4e3c86dfb
9937b3e4377f87a843c8da5ed01bfd5a7726217bc704b9cc8f9056797d55991e
9f8c4f115c6d31e5733982e91a686c444efbe4a221bb299aa18eb3f5ab68c301
a302f9e7bea23d2216e4942928de5c19296e51b828716935a278e8375849c862
a9edbea1be61ac6f29ad57bde5dfaa7b4b2c6cfa29a7738f1c6014a8c9380a8d
ab1e12d12060016d837611f2afdf122eb18b16a8e59e1aaa86d592454fb044bd
abbdb85fcf1dda86053f93592fbf408023a631aa4ec459ac9940352f63f2453a
b1cc770a7631e4d8630b2855ad425b39ecf4a45db09c360c25ac93dd29f34e59
b4bb1c3185109534784623a42bd1690c48c2504115c920f06443e889002e0fd2
b6107a331b9a1ff6058a77c824abe0d31ea0b371e3a02a73bc8ed4b4fdb81c50
bab1b0b58de07d7e680f79a673f4209dcd213a318c17cbec29774390760df1ff
bfb18aca1c7736e16326c8c9591b5e1edc31a9626e70ce25c14a636397ab4513
c25278733d7bce6118ecd1ef93d8892d3040a60e69f945f49d6d20f6179051cb
c72b39d408f3bd4a0b6bdc6bf6d0b19dcb9f75e714f9897a5ad57894e5767de0
ca2d8940c9c9157fef6176d930ae0ceed2025c93990e214d806ae1e8c196e552
cd9d74c8b978fa9020df600425b57777b53341ad79d9e1090a39e1d2dac60a0e
ceefd0130e5580a8f8b9a961fb34e41fb88e9de5b4c48fa3f7a116e0bd2da843
d075d6dda715e8d507f7fe8cd9debd7a3e6032ecdba2de37b6dd5c5dcec96c7a
d120ba7490a54f683cc45e555c6b4d20d527b16016a4e125c41e33a0d47e76d6 Troj/AutoIt-DAN
d62856d3faa446b2b0305691aa0a1cb4d03c12e24a6581285a25b15e10b5cc67
decc450d86604bbb8cd0fd6d84ba833c807d045cace7b00a24d9bee269209560
dfcc18b56b663e416ad36af4c59a5ac6a479436eb3e4b1a571b2637637dca742
e37e013aad810bf0ddc05d30ac0411278c464ab92156eab294894b4eae65efbc
ea700ea0be18af28fea25c0abb5a9eac72eedf5b784a1f56c1efd36cd46480b9
ec049690303c80972c3b0e1c43def295d6e84c19638646bdd3de31645ede6604 Mal/Kryptik-DL
ecb83bec911f88330d8e07ea67a1eeee7e8d176f9c2c4580ab3f1020c25234cd
ef8a61b1f9a49501ded6a2b55bb171e3ca4383f04d0a40fb06cc51da3b7a936c
f0c97c66385e4727932f850c78752abb353d76bc1b364267b0352c0a81f2f2ea Mal/Fareit-V