| Changed | Name |
Tools |
| | 3102 RAT |
| | 3AM |
| | 3PARA RAT |
| | 3proxy |
| | 3Rat Client |
| | 404-Input-shell web shell |
| | 4H RAT, 4h_rat |
| | 7Logger |
| | 7-Zip |
| | 888 RAT |
| | 8.t Dropper, 8.t RTF exploit builder, 8t_dropper, RoyalRoad |
| | 9002 RAT, McRAT, MdmBot, Homux, Hydraq, HidraQ, HOMEUNIX, Aurora, Roarur |
| | AbaddonPOS |
| | AceHash |
| | AcidPour |
| | AcidRain |
| | ActionRAT |
| | ActionSpy, AxeSpy |
| | Acunetix Web Vulnerability Scanner |
| | adbupd |
| | AdFind |
| | Adminer |
| | AdobeARM |
| | ADORE.XSEC |
| | ADRecon |
| | Advanced Port Scanner |
| | AdvisorsBot |
| | Adwind, Adwind RAT, Frutas, jFrutas, UnReCoM, Alien Spy, AlienSpy, JSocket, Sockrat, jBiFrost, JBifrost RAT, Unknown RAT, jConnectPro RAT, Unrecom, Trojan.Maljava |
| | Adzok, Invisible Remote Administrator |
| | Agent.BTZ, Minit, Chinch, Sun rootkit |
| | Agent.DNE |
| | Agent Racoon |
| | Agent Tesla, AgentTesla, AgenTesla, Origin Logger, Negasteal, ZPAQ |
| | agfSpy |
| | Aggah |
| | AIRBREAK, Orz |
 | Ajina |
| | Albaniiutas, BlueTraveller |
| | Alice, AliceATM, PrAlice, Project Alice |
| | Alina POS, Track, alina_eagle, alina_spark, aline_joker, katrina |
| | Allakore RAT, AllaKore |
| | Alma Communicator |
| | ALPC Local PrivEsc |
| | Amadey |
| | Amavaldo |
| | Amphibeon |
| | AMTsol, Adupihan |
| | Anchor, Anchor_DNS |
| | Andaratm |
| | AndoServer |
| | Android RAT |
| | Andromeda, Gamarue, B106-Gamarue, B67-SS-Gamarue, b66 |
| | AndroMut |
| | AndroRAT |
| | Anel, lena, UpperCut |
| | Antak |
| | Antd, GreedyAntd |
| | Antidot |
| | AntSword |
| | Anubis, BankBot, Go_P00t, android.bankbot, android.bankspy |
| | AnubisSpy |
| | AnvilEcho |
| | AnyDesk |
| | ApacheStealer |
| | APERETIF |
| | Apocalipto |
| | Apostle |
| | AppleJeus |
| | AppleSeed, JamBog |
| | APT3 Keylogger |
| | Ares |
| | AresRAT |
| | ArguePatch |
| | Aria-body, AR |
| | Aria-body loader |
| | AridSpy |
| | ARL, Asset Reconnaissance Lighthouse |
| | ARTFULPIE |
| | ArtraDownloader, Artra Downloader |
| | Aryan |
| | Asacub, Trojan-SMS.AndroidOS.Smaps |
| | ASPXSpy, ASPXTool |
| | Asruex |
| | Astra |
| AsyncRAT |
| | ATI-Agent |
| | AtlasAgent |
| | ATMDtrack |
| | ATMii |
| | ATMitch |
| | Atmos |
| | Atmosphere |
| | ATMRipper, Ripper, Ripper ATM |
| | ATMSpitter |
| | AtNow |
| | AtomSilo |
| | AuditCred, ROptimizer |
| | August Stealer |
| | AUMLIB, yayih, bbsinfo, mswab, Graftor |
| | Auriga, Riodrv |
| | AutoIt backdoor |
| | Avaddon |
| | Avalanche |
| | Ave Maria, AVE_MARIA, AveMariaRAT, avemaria |
| | Aversome infector |
| | AWFULSHRED |
| | AZORult, PuffStealer, Rultazo |
| | Babar, SNOWBALL |
| | Babuk Locker, Babuk, Babyk, Vasa Locker |
| | BABYMETAL |
| | BabyShark, LATEOP |
| | BackBend |
| | BackConfig |
| | Backdoor Batel, Batel |
| | Backoff, Backoff POS |
| | Backspace, Lecna, ZRLnk |
| | Backswap |
| | BadBazaar |
| | BADCALL |
| | BADFLICK |
| | BadHatch |
| | BADNEWS, JakyllHyde |
| | BadPatch, WelcomeChat |
| | BadPotato |
| | BadRabbit |
| | BADSIGNAL |
| | BADSOLAR |
| | Bahamut |
| | Baka |
| | Banatrix |
| | Bandook, Bandok |
| | bangat |
| | Banjori, BankPatch, BackPatcher, MultiBanker 2 |
| | Bankshot, COPPERHEDGE, Trojan Manuscript, FoggyBrass |
| | BanSwift |
| | Barb(ie) Downloader |
| | BarbWire |
| | Barlaiy, POISONPLUG |
| | Bart |
| | BASICSTAR |
| | Bateleur |
| | BazarBackdoor, BazarLoader, BEERBOT, BazarCall, KEGTAP, Team9Backdoor, bazaloader |
| | BBSRAT |
| BBTok |
| | BEACON |
| | BeaconLoader |
| | BEATDROP |
| | BeEF |
| | beendoor |
| | Behinder |
| | BELLHOP |
| | Bemstour |
| | BendyBear, Waterbear, Deuterbear |
| | Benghazi.exe |
| | BernhardPOS |
| | BetaBot, Neurevt |
| | Bezigate |
| | BFG Agonizer Wiper, BFG Agonizer |
| | BH_A006 |
| | BHUNT |
| | BIASBOAT |
| BiBi Wiper, BiBi-Linux Wiper, BiBi-Windows Wiper, BABYWIPER |
| | BIFROST, elf.bifrose |
| | BigpipeLoader |
| | BINBASH |
| | Bioazih |
| | BIOLOAD |
| | BIOPASS RAT, BIOPASS |
| | BIRDWATCH |
| | BISCUIT, zxdosml |
| | Bisonal, Korlia |
| | BISTROMATH |
| | BitPaymer, FriedEx, IEncrypt, wp_encrypt |
| | BitRAT |
| | Bitsran, SHADYCAT |
| | BitterRAT, Bitter RAT |
| | BITTERSWEET |
| | Bizarro, Bizzaro |
| | BlackCat, ALPHV, ALPHVM, Noberus |
| | BlackCoffee, PNGRAT, ZoxPNG, gresim |
| | BlackEnergy, Black Energy |
| | Black Lambert |
| | BlackLotus |
| | BlackMatter |
| | BlackMould |
| | BlackNET RAT |
| | BlackPOS, FrameworkPOS, Kaptoxa, POSWDS, Reedum, MMon |
| | BlackRAT, BlackRemote |
| | BlackRock, AmpleBot |
| | BlackSmith |
| | BlankBot |
| | BLINDINGCAN, DRATzarus RAT, AIRDRY, ZetaNile |
| | BlindToad |
| | Blogspot |
| | BloodHound |
| | BlotchyQuasar |
| | BLUEAGAVE |
| | BLUEBEAM |
| | BlueCore |
| | BLUEHAZE |
| | BLUELIGHT |
| | BlueShell |
| | BLUESTEAL |
| | Blue Lambert |
| | Bluether, CAPGELD |
| | BokBot, IcedID, IceID |
| | BOLDMOVE |
| | BONDUPDATER, Poison Frog, Glimpse |
| | Bookcode |
| | Bookworm |
| | Boostwrite |
| | BootWreck, MBRkiller |
| | BottomLoader |
| | Bouncer |
| | Bourbon |
| | Bozok, Bozok RAT |
| | Brambul, SierraBravo, SORRYBRUTE |
| | BrasDex |
| | Brata, AmexTroll |
| | Brave Prince |
| | BreachRAT |
| | Briba |
| | BrittleBush |
| | Brokewell |
| | BROKEYOLK |
| | BroStealer |
| | BrowserGhost |
| | BrowsingHistoryView |
| | Brute Ratel, Brute Ratel C4 |
| | BrutishCommand |
| | BrutPOS |
| | BS2005 |
| | BTC Changer |
| | BUBBLEWRAP, Backdoor.APT.FakeWinHTTPHelper |
| | BUFFETLINE |
| | BugSleep |
| | Buhtrap, Ratopak |
| BumbleBee, COLDTRAIN, SHELLSTING, Shindig |
| | Buran, VegaLocker, Vega |
| | BUSTEDPIPE |
| | Bvp47 |
| | Byeby |
| ByPassGodzilla |
| | Bypass-UAC |
| | C0d0so0 |
| | Cachedump |
| | CACTUSTORCH |
| | CaddyWiper, KillDisk.NCX |
| | Cadelspy, Cadelle, WinSpy |
| | Cahnadr, NDriver |
| | Cain & Abel |
| | CAKETAP |
| | CALENDAR |
| | Calfbot |
| | callCam |
| | CallMe |
| | Calypso RAT |
| | CamCapture Plugin |
| | CamuBot |
| | Cannon |
| | CapraRAT |
| | Capriccio RAT |
| | CapturaTela |
| | Carbanak, Anunak, Sekur, Sekur RAT |
| | CarbonSteal |
| | Cardinal RAT |
| | CarnavalHeist |
| | Careto, Mask, Appetite |
| | CARROTBALL |
| | CARROTBAT |
| | CASHY200 |
| | Casper |
| | CASTLETAP |
| | Castov |
| | Catchamas |
| | Catelites Bot, Catelites |
| | Caterpillar |
| | ccf32 |
| | CDorked, CDorked.A |
| | CEELOADER |
| | CenterPOS, Cerebrus |
| | Cerberus |
| | certutil, certutil.exe |
| | CetaRAT |
| | Chaes |
| | CHAINSHOT |
| | CHAIRSMACK |
| | CHAVECLOAK |
| | ChChes, HAYMAKER, Ham Backdoor, Scorpion |
| | CheckID |
| | CheeseTray, CROWDEDFLOUNDER |
| | Cherry Picker, Cherry Picker POS, CherryPicker POS, cherrypickerpos, cherrypicker, cherry_picker |
| | CHERRYSPY |
| | ChewBacca |
| | China Chopper, CHINACHOPPER, SinoChopper |
| | Chinoxy |
| | Chisel |
| | Chocopop |
| | ChromeCookiesView |
| | ChromeHistoryView |
| | ChromePass |
| | chrome-passwords |
| | Chrommme |
| | Chthonic, AndroKINS |
| | Cinobi |
| | Circles |
| | Citadel |
| | CLAMBLING, Clambling |
| | Clayslide |
| | Cleaner |
| | CleanToad |
| | ClientTraficForwarder |
| CLNTEND |
| | Clop, Cl0p |
| | CLOSEWATCH |
| | CloudDuke, Cloud Duke, MiniDionis, CloudLook |
| | CLOUDSTATS |
| | Cl Wiper |
| | CMD365 |
| | CMDEmber |
| | CmdSQL |
| | Cmstar, meciv |
| | COATHANGER |
| | Cobalt Strike, CobaltStrike, Agentemis, BEACON, cobeacon |
| | CobInt, COOLPANTS |
| | Cobra Carbon System, Carbon, Pfinet |
| | Cobra DocGuard |
| | COLDCAT |
| | COLDJAVA |
| | Colibri Loader |
| | CollectionRAT |
| | Combos |
| | Comet, Meteor, Stardust |
| | Comfoo, Comfoo RAT |
| | CommandCam |
| | Commix |
| | CommonMagic |
| | Comnie |
| | COMpfun, Reductor RAT |
| | Computrace, LoJack |
| | ComRAT |
| | Concealment Troy, concealment_troy |
| | Confucius, ChatSpy |
| | Conti |
| | Contopee, WHITEOUT |
| | CookieBag, TROJAN.COOKIES |
| | CookieTime |
| | CORALDECK |
| | CordScan |
| | CoreBot |
| | Corentry, Fluxwire |
| | CoreLoader |
| | CORESHELL, SOURFACE, Sofacy |
| | Corkow |
| | CosmicDuke, TinyBaron, BotgenStudios, NemesisGemina |
| | CostaBricks |
| | Cotx RAT |
| | CoughingDown |
| | Coyote |
| | CozyDuke, CozyCar, CozyBear, Cozer, EuroAPT |
| | CrackMapExec |
| | Crackshot |
| | Creamsicle |
| | CredRaptor |
| | CREDRIVER |
| | CreepyDrive |
| | CreepySnail |
| | Cridex, Bugat, Feodo |
| | Crimson RAT, Crimson, SEEDOOR, Scarimson, MSIL, MSIL/Crimson |
| | CLRLoad |
| | CronBot |
| | CrossC2 |
| | CrossRAT, Trupto |
| | CrossWalk, Motnug, ProxIP, TOMMYGUN |
| | CROWVIEW |
| | CroxLoader |
| | Crutch |
| | Crypta |
| | Cryptcat |
| | CrypticConvo |
| | CryptoLocker |
| | CryptoMix, CryptFile2, Zeta, CryptoShield, Azer |
| | CryptoWall |
| | CryWiper |
| | CsExt |
| | CSPY Downloader |
| | Ctealer |
| | Cuba, COLDDRAW |
| | Cucky |
| | Cuegoe |
| | Cuthead |
| | Cutlet Maker, Cutlet |
| | Cutwail, Pushdo |
| | CWoolger, Woolger, WoolenLogger |
| CXCLNT |
| | Cyan Lambert |
| | CyberGate RAT, CyberGate, Rebhip |
| | Cyclops Blink, CyclopsBlink |
| | Cyst Downloader |
| | Dacls RAT, Dacls |
| | DADJOKE |
| | Dadstache |
| | Dagger Three |
| | Dairy |
| | DanaBot |
| | DanBot |
| | DanderSpritz |
| | DanDrop |
| | Danfuan |
| | DangerAds |
| | DarkComet, DarkKomet, Fynloski, FYNLOS, klovbot, Krademok, Breut |
| | DarkCrystal RAT, DCRat |
| | DARKDEW |
| | DarkHotel |
| | DarkMe |
| | DarkPulsar |
| | DarkRAT |
| | Dark Tequila, DarkTequila |
| | DarkVNC |
| | DarkSide |
| | DarthPusher |
| | Daserf, Muirim, Nioupale |
| | Datper |
| | DAVESHELL, sRDI |
| | DBoxAgent |
| | DbxDump Utility |
| | DCSrv, DCrSrv |
| | DCSync |
| | DDG |
| | DDKONG |
| | DEADEYE, DEADEYE.EMBED, DEADEYE.APPEND |
| | DEADWOOD, Detbosit, DETBOSIT, Agrius, SQLShred |
| | Deadglyph |
| | DealersChoice |
| | DeathRansom, deathransom, DEATHRANSOM, wacatac |
| | DebugView |
| | Decebal |
| | Decrypt-RDCMan.ps1 |
| | DeepCreep |
| | Deed RAT |
| | Defray777, Defray, Defray 2018, Target777, Ransom X, RansomExx, Glushkov |
| | DELPHSTATS |
| | DeltaCharlie |
| | Demodex |
| | Dendroid |
| | DEPLOYLOG |
| | Depriz |
| | DeputyDog, Fexel |
| | Derusbi, PHOTO |
| | Desert Scorpion |
| | DessertDown |
| | Destover, Sierras |
| | DetaRAT |
| | Dexbia, CONIME |
| | Dexter, LusyPOS, StarDust |
| | dfrgntfs5.sqt |
| | Diavol |
| | DILLJUICE, FYAnti |
| | DILLWEED |
| | DilongTrash |
| | Dino |
| | DinodasRAT, XDealer |
| | DinoTrain |
| | DirBuster |
| | Dirsearch |
| | DIRTCLEANER, CCleaner Backdoor |
| | Distribute.exe |
| | DistTrack, Shamoon |
| | DKMC |
| | DLRAT |
| | DmaUp3.exe |
| | DMSniff |
| | dmsSpy |
| | dneSpy |
| | DNSExfitrator |
| | DNSMessenger, TEXTMATE |
| | DNSpionage, Agent Drable, AgentDrable |
| | DNSRat, DNSbot |
| | DOGCALL |
| | DodgeBox |
| | Dolphin |
| | DoorMe |
| | DOPLUGS |
| | DoppelPaymer, Pay OR Grief |
| | Doraemon |
| | Dorshel |
| | DOSTEALER |
| | DoubleAgent |
| | DOUBLEFANTASY, DoubleFantasy, VALIDATOR |
| | DoubleFeature |
| | DoublePulsar |
| | DoubleZero, FiberLake |
| | DoubleT |
| | Downdelph, Delphacy |
| | Downeks |
| | DownPaper |
| | Dozer, Mytob |
| | Dracarys |
| | DragonEgg, LightSpy |
| | DRAWSTRING |
| | DreamBot |
| | Dridex, Bugat v5 |
| | DRIFTPIN, Toshliph, Spy.Agent.ORM |
| | DRIGO |
| | Dripion, Masson |
| | DroidJack |
| | DroidPlugin |
| | DropBook |
| | Dropbox |
| | DropPhone |
| | Drovorub |
| | Drupalgeddon |
| | Dtrack, TroyRAT, Preft |
| | Dudear |
| | Dudell |
| | Duqu, Tilded |
| | Dustman |
| | DUSTPAN |
| | DUSTTRAP |
| | DustyExfilTool |
| | DustySky, NeD Worm |
| | Duuzer, Escad |
| | DvDupdate.dll |
| | DyePack, swift |
| | Dyre, Dyreza, Dyzap, Dyranges |
| EAGLEDOOR |
| | EarthWorm, SAMRID |
| | EasyNight |
| | Ebury |
| | EFSPotato |
| | Egregor |
| | EHAGBPSL, EHAGBPSL Loader |
| | EHDevel |
| | Ecipekac, DESLoader, SigLoader, HEAVYHAND |
| | EKANS, Snake, SNAKEHOSE |
| | ELECTRICFISH, Alreay |
| | Elirks |
| | Elise, BKDR_ESILE, EVILNEST, Page |
| | ELMER, Elmost |
| | EmailStealer |
| | EMASTEAL |
| | Emdivi, Newsripper |
| | Emissary |
| | Emotet, Geodo, Heodo |
| | EmpireDNSAgent, EDA |
| | EmpireProject, Empire, EmPyre, PowerShell Empire |
| | Empoder |
| | ENCODE MMC |
| | Enfal, Lurid |
| | EnvyScout, ROOTSAW |
| | Eomobi |
| | Epic, Epic Turla, Tavdig, Wipbot, WorldCupSec, TadjMakhal |
| | EpicenterRAT |
| | EQUATIONDRUG, EQUESTRE |
| | EQUATIONLASER |
| | Erebus |
| | ERMAC |
| | ESRDE |
| | EternalBlue |
| | EternalRomance |
| | EtherealGh0st |
| | ETUMBOT, RIPTIDE, HIGHTIDE, Exploz, Specfix |
| | EvilBunny |
| | EvilGnome |
| | EvilGrab RAT, EvilGrab, Vidgrab, Wmonder, BKDR_HGDER, BKDR_EVILOGE, BKDR_NVICM |
| | Evilnum, EVILNUM, Marvel |
| | EVILSUN |
| | Exaramel |
| | Excalibur, Sabresac, Saber |
| | ExDudell |
| | ExileRAT, Exile RAT |
| | ExoBot |
| ExoBotCompact, Coper, Octo, Octo2 |
| | Explosive |
| | EYE |
| | EYService |
| | FakeFish |
| | FakeHighFive |
| | FakeM, FakeM RAT, Terminator RAT |
| | FakeTC |
| | FALLCHILL, FallChill RAT |
| | FalseFont |
| | FANNY, DEMENTIAWHEEL |
| | Fantasy |
| | Farse |
| | Farseer |
| FASTCash |
| | FastPOS |
| | FatDuke |
| | Felismus |
| | Felixroot, GreyEnergy mini |
| | Ficker Stealer |
| | FighterPOS |
| | Filerase |
| | Filepak |
| | FilepakMonitor |
| | FileZilla |
| | Fimlis |
| | Final1stSpy |
| | FindPOS, PoSeidon |
| | FinFisher, FinFisher RAT, FinSpy |
| | fingerprintjs2 |
| | Fire Chili |
| | FireMalv |
| | FireMaster |
| | Fishmaster, JollyJellyfish |
| | FIVEHANDS, Thieflock |
| | FiveTran |
| | FiXS |
| | FjordPhantom |
| | Flagpro, BUSYICE |
| | Flame, Flamer, sKyWIper, Skywiper |
| | Flapjack |
| | Flashflood |
| | FlawedAmmyy, AmmyyRAT |
| | FlawedGrace, GraceWire |
| | FleetDeck |
| | FlipCreep |
| | FLIPSIDE |
| | FlokiBot |
| | FlowCloud |
| | FLOWERPIPE |
| | FlowerPippi |
| | FlowerPower, BoBoStealer |
| | FluffyGh0st |
| | FlyingDutchman |
| | Fobber |
| | FoggyWeb |
| | Foozer |
| | FORKBEARD |
| | Formbook, win.xloader |
| | FormerFirstRAT, FF-RAT, ffrat |
| | FoundCore, RainyDay |
| | FOXGRABBER |
| | Fox Panel |
| | FRAUDROP |
| | Freenki Loader |
| | FrostyGoop |
| | FrozenCell |
| | FRP, Fast Reverse Proxy |
| | FruityC2 |
| | fscan |
| | FudModule |
| | FullThrottle |
| | FunnyDream |
| | FunnySwitch, RouterGod |
| | FurBall |
| | GamaPOS, pios |
| | Gamaredon |
| | GameOver Zeus, Peer-to-Peer Zeus, P2P Zeus, GOZ |
| | GandCrab, GrandCrab |
| | Gazer, WhiteBear |
| | Gcat |
| | GCMAN |
| | GDOCUPLOAD |
| | GearShift |
| | GELCAPSULE |
| | Gelsemine |
| | Gelsenicine |
| | Gelsevirine |
| | Gelup |
| | Gemcutter |
| | GeminiDuke |
| | Geppei |
| | Get2, FRIENDSPEAK, GetandGo |
| | Get-LAPSP.ps1 |
| | get-logon-history.ps1 |
| | GetMail |
| | GetMyPass, getmypos |
| | GetUserSPNS.vbs |
| | Gh0stnet, Ghostnet, Remosh |
| | Gh0st RAT, Ghost RAT, AngryRebel, Farfli, PCRat, Moudour, Mydoor |
| | Gh0stTimes |
| | Ghambar |
| | Ghole, Gholee, CoreImpact (Modified) |
| | Gh0stCringe RAT |
| | GIFTEDVISITOR |
| | Gigabud, Gigabud RAT |
| | GIMMICK |
| | GlanceLove, WinkChat |
| | GLASSES, Wordpress Bruteforcer |
| | GLASSTOKEN |
| | GlitchPOS |
| | GlobeImposter, Fake Globe |
| | GLOOXMAIL, Trojan.GTALK |
| | glue30.dll |
| | GnatSpy |
| | GoBot2 |
| | GoBuster |
| | GodFather |
| | Godlua |
| | GodPotato |
| | Godzilla, Godzilla Loader |
| | GOGGLES, TROJAN.FOXY |
| GORBLE |
| | GOLDBACKDOOR |
| | GoldDigger |
| | Gold Dragon, GoldDragon, Lovexxx |
| | GoldenEagle |
| | GoldenRAT |
| | GoldFinder |
| | GoldMax, SUNSHUTTLE |
| | GoldPickaxe |
| | GolfSpy |
| | GollumApp |
| | Gon |
| | Goodor, Fuerboos |
| | GoogleDrive RAT |
| | Goopy |
| | GooseEgg |
| | Gootkit, Gootloader, Xswkit, talalpek, Waldek |
| | Gophe |
| | GoProxy, SNAILPROXY |
| | Gopuram |
| | Gorynych, Gorynch, Diamond Fox, DiamondFox, Crystal |
| | gosecretsdump |
| | GO Simple Tunnel, GOST |
| | GOSSIPFLOW |
| | GotoHTTP |
| | Govmomi |
| | Gozi, CRM, Gozi CRM, Papras, Ursnif, Snifula |
| | Gozi ISFB, ISFB, Pandemyia |
| | Gozi v2, Gozi Prinimalka, Prinimalka-Gozi |
| | GozNym |
| | gpresult, Group Policy Results Tool |
| | GpUpdates.exe |
| Grandoreiro |
| | GraphicalNeutrino, SNOWYAMBER |
| | GraphicalProton, GraphDrop, SPICYBEAT |
| | Graphican |
| | Graphiron |
| | Graphite |
| | Graphon |
| | GraphSteel, Elephant Client |
| | Grateful POS, TRINITY |
| | GravityAdmin |
| | GravityRAT |
| | GRAYFISH |
| | Gray Lambert |
| | Grease |
| | GREENCAT |
| | GreenDispenser |
| | Green Lambert |
| | GreezeBackdoor |
| | GrewApacha |
| | GreyEnergy |
| | Grief, Pay or Grief |
| | Griffon, Harpy |
| | GRILLMARK, Hellsing Backdoor |
| | GrimPlant, Elephant Implant |
| | GROK |
| | gsecdump |
| | GuLoader, vbdropper, CloudEyE |
| | GUNTERS |
| | GUP Proxy Tool |
| | H1N1 Loader, H1N1 |
| | HackBrowserData |
| | Hackfase, Hacksfase |
| | Hades |
| | HALFBAKED, VB Flash |
| | HALFSHELL |
| | HammerDuke, HAMMERTOSS, NetDuke, tDiscoverer |
| | Hamsa Wiper |
| | Hancitor, Chanitor |
| | Handala |
| | Hannotog |
| | HAPPYWORK |
| | HARDRAIN |
| | Harpoon, Garpun |
| | Hatef Wiper |
| | HATVIBE |
| | Havex RAT, Havex, Oldrea, Backdoor.Oldrea, Fertger, PEACEPIPE |
| | Havij |
| | Havoc, Havokiz |
| | Hawup, Hawup RAT |
| | hcdLoader |
| | HDoor, Custom HDoor |
| | HDRoot, HDD Rootkit |
| | Hdump |
| | Headlace |
| | HeavyLift |
| | Hekatomb |
| | Helauto |
| | Hello EK, LightsOut 2.0 |
| | HELLOKITTY, HelloKitty, KittyCrypt |
| | Helminth |
| | HenBox |
| | Heriplor |
| | Hermes |
| | HermeticRansom, PartyTicket, Elections GoRansom, SonicVote |
| | HermeticWiper, DriveSlayer, FoxBlade, KillDisk.NCV, Trojan.Killdisk, NEARMISS |
| | HermeticWizard |
| | HesperBot |
| | HLOADER |
| | HiddenLotus |
| | HIDEDRV |
| | HighNoon |
| | HighNote, ChyNode |
| | HiKit |
| | Hisoka |
| | HKDOOR |
| | Hodur |
| | HomamDownloader |
| | HOMEFRY |
| | HOOKSHOT |
| | HOPLIGHT, HANGMAN |
| | HopperTick |
| | Hornbill |
| | HOTCROISSANT, HotCroissant |
| | HotelAlfa |
| | HOTLANE |
| | Hotwax, HOTWAX |
| | HtDnDownLoader |
| | HTML5 Encoding |
| | HTran, HUC Packet Transmit Tool |
| | HTTPBrowser, HttpBrowser RAT, HttpDump, TokenControl, Token Control |
| | httpclient |
| | Http Dr0pper, httpdr0pper, httpdropper |
| | HTTPSnoop |
| | HTTP Troy, http_troy |
| | HTTPTunnel |
| | HUC Port Banner Scanner |
| | HUI Loader |
| | HummingBad |
| | HummingWhale |
| | Hunter |
| | Hupigon, Hupigon RAT, BKDR_HUPIGON, MFC Huner |
| | Hurix |
| | Hussar |
| | H-Worm, H-Worm RAT, Houdini RAT, Houdini, Hworm, Njw0rm, Iniduoh, Jenxcus, Kognito, WSHRAT, dinihou, dunihi |
| | HyperBro |
| | HYPERSCRAPE |
| | HyperStack, GoldenSky, SilentMoon, Turla SilentMoon, BigBoss, Cacao |
| | IAP |
| | IceCube |
| | IcedCoffee |
| | Icefog, Fucobha |
| | Ice IX |
| | IconDown |
| | ICONICSTEALER |
| | IE PassView |
| | IGT supertool, Information Gathering Tool |
| | IHEATE |
| | IMAPLoader |
| | Imecab |
| | Imminent Monitor RAT, Imminent Monitor |
| | Impacket |
| | Inception |
| | Industrial Spy |
| | Industroyer, Crash, CrashOverride, CRASHOVERRIDE, Win32/Industroyer |
| | Industroyer2 |
| | Infostealer, stereoversioncontrol |
| | Infy, Foudre |
| | InsidiousGh0st |
| | Inveigh |
| | InvisiMole |
| | Invoke-Ngrok |
| | Invoke-SMBAutoBrute |
| | Invoke the Hash |
| | IPsec Helper |
| | IRAFAU |
| | IRONHALO |
| | IronNetInjector |
| | IronPython |
| | IRONSQUIRREL |
| | IronWind |
| | IsaacWiper, LASAINRAW |
| | ISMAgent |
| | ISMDoor |
| | ISMInjector, Agent Injector |
| | IsSpace, NfLog RAT |
| | Ivoke |
| | IXESHE |
| | JackalControl |
| | JackalPerInfo |
| | JackalScreenWatcher |
| | JackalSteal |
| | JackalWorm |
| | JackOfHearts, SLOTHFULMEDIA |
| | JackPOS |
| | JadeRAT |
| | Jaff, Rakhni |
| | Janeleiro |
| | Janicab |
| | Jason |
| | Jasus |
| | Javafog |
| | JESTBOT |
| | JhoneRAT |
| | JHUHUGIT, Seduploader, JKEYSKW, Sednit, Downrage, GAMEFISH, carberplike, SofacyCarberp, Carberp, Trojan.Sofacy |
| | JLOGRAB |
| | JLORAT |
| | Joanap, SierraJuliett-MikeOne, SierraJuliett-MikeTwo |
| | Jokra, KillMBR, Dembr |
| | JpgRun, JpgRun Loader |
| | JPIN |
| | JRat, Jacksbot |
| | JripBot, Jiripbot |
| | JS Flash |
| | JsonCookies |
| | jsp File browser |
| | JSPRAT |
| | JSPSPY |
| | JSSLoader, FOWLGAZE |
| | JuicyPotato |
| | JuicyPotatoNG |
| | Jumpall |
| | KAgent |
| | KamiKakaBot |
| | KANDYKORN |
| | KARAE |
| | Karagany, Karagny, Trojan.Karagany, xFrost |
| | Karba, Trojan.Win32.Karba.e |
| | Karius |
| | Karkoff, MailDropper, DropperBackdoor, CACTUSPIPE, OILYFACE |
| | KasperAgent |
| | Kazuar |
| | KeeThief |
| | Kegotip |
| | Kelihos, Waledac, Hlux |
| | Kerberoast |
| | Kerberods |
| | KerrDown |
| | Ketrican |
| | Ketrum |
| | KevDroid |
| | KeyBoy, TSSL |
| | KEYMARBLE |
| | KEYPLUG, ELFSHELF |
| | Keyrecord |
| | KGH_SPY, KGH Spyware Suite |
| | KHRAT |
| | Kikothac |
| | KillDisk, Win32/KillDisk.NBI, Win32/KillDisk.NBH, Win32/KillDisk.NBD, Win32/KillDisk.NBC, Win32/KillDisk.NBB |
| | Killua |
| | KimJongRAT |
| | Kimsuky |
| | KingOfHearts |
| | KINS, Maple, Zeus.Maple, Kasper Internet Non-Security |
| | Kitkiot |
| | KIVARS |
| | kl.ps1 |
| | KLRD |
| | Koadic |
| | KOCTOPUS |
| | Komplex |
| | KOMPROGO, Splinter RAT |
| | Konni |
| | KopiLuwak |
| | Koredos |
| | Korkerds |
| | KPortScan |
| | Krasue |
| | KRBanker, Blackmoon |
| | Krong |
| | Kronos |
| | KSL0T |
| | KsRemote |
| KTLVdoor |
| | Kurton |
| | Kwampirs |
| | LadonGo |
| | Lambert, Plexor |
| | Lastacloud |
| | LastConn |
| | LATCHKEY |
| | LATELUNCH |
| | LaZagne |
| | Lazarus, HIDDEN COBRA RAT/Worm |
| | LazyCat |
| | lcx |
| | Leash |
| | LEMONSTICK |
| | LEMPO |
| | Leo RAT |
| | LEOUNCIA, shoco |
| | LESLIELOADER |
| | Licat, Murofet |
| | liderc |
| | LIFEBOAT |
| | LIGHTBOLT |
| | LightBot |
| | LIGHTDART |
| | LightlessCan |
| | LightNeuron, NETTRANS, XTRANS |
| | LIGHTSHIFT |
| | LIGHTSHOW, FudModule |
| | LightsOut EK |
| | lightSpy |
| | LIGHTWIRE |
| | Lilith RAT, Lilith |
| | Limepad |
| | LimeRAT |
| | Linfo |
| | LIONTAIL |
| | Listrix |
| | LiteDuke |
| | lite_more_eggs |
| | Little Pig |
| | Living off the Land, LOLBins, LOLBAS |
| | Lizar, Tirion, DICELOADER |
| | LOADGRIP |
| | LOADOUT |
| | LockBit, ABCD Ransomware, LockBit Black, Syrphid |
| | LockerGoga |
| | LockFile |
| | LockPOS |
| | Locky |
| | Loda, Loda RAT, LodaRAT, Nymeria |
| | LODEINFO |
| | LoFiSe |
| | LOGBLEACH |
| | Logger Module |
| | logon.dll |
| | LogPOS |
| | logsupport.dll |
| | LoJax |
| | LokiBot, Loki, LokiPWS, Loki.Rat, ForeIT |
| | LONGRUN |
| | LONGWATCH |
| | LOOKOVER |
| | LOWBALL |
| | Lowkey, PortReuse |
| | LSD |
| | Lslsass |
| | LuaDream, DreamLand |
| | Lucky Cat, LuckyCat |
| | Luminosity RAT, LuminosityLink |
| LummaC2, Lumma Stealer |
| | LUNCHMONEY |
| | Lurk |
| | LZ77 |
| | Macaw Locker |
| | Machete, El Machete |
| | Macma, MacMa, CDDS, DazzleSpy |
| | Madi |
| | Madness PRO DDoS |
| | Magecart |
| | Magenta Lambert |
| | MAGICDROP |
| | MagicRAT |
| | MagicWeb |
| | MailPassView |
| | MAILSLOT |
| | Maintools.js |
| | MajikPOS |
| | MalumPOS |
| | ManItsMe |
| | MAPIget |
| | Marcher |
| | MargulasRAT |
| | MarkiRAT |
| | Marlin |
| | MASEPIE |
| | MATA |
| | Matiex |
| | Matrix Banker, RediModiUpd |
| | Matryoshka RAT, Matryoshka |
| | Maxtrilha |
| | Maze, ChaCha |
| | MBR Eraser |
| | MBS BTC Stealer |
| | Md_client |
| | MechaFlounder |
| | Mechanical, GoldStamp |
| | MediaPl, EYEGLASS |
| MedusaLocker, AKO Doxware, AKO Ransomware, MedusaReborn |
| | meek |
| | MegaCreep |
| | MEGAsync |
| Mekotio, Metamorfo, Casbaneiro |
| | Merdoor |
| | MessageTap |
| | METALJACK, denesRAT |
| | Metasploit |
| | Metasploit Stager |
| | Metel |
| | Meterpreter |
| | MFC Keyloggers |
| | MgBot, BLame, Mgmbot, POCOSTICK |
| | MiamiBeach |
| | Microolap Packet Sniffer, TCPDUMP for Windows |
| | Micropsia |
| | Microcin, Mikroceen |
| | MIGLOGCLEANER |
| | Milan, James |
| | MILKDROP |
| | Milkmaid |
| | Milum |
| | Mimikatz |
| | Mimilite |
| | MINEBRIDGE, MINEBRIDGE RAT, GazGolder |
| | MINEDOOR |
| | MiniASP |
| | MiniDuke |
| | MiniWebCmdShell |
| | Minzen, XXMM, Wali, ShadowWali, ShadowWalker |
| | MirageFox |
| | MirrorBlast |
| | MirrorStealer |
| | MischiefTut |
| | Misdat |
| | Mispadu, URSA |
| | MISTCLOAK, HIUPAN |
| | MiS-Type |
| | Mivast |
| | MIXLABEL |
| | MKL Pro Keylogger |
| | MMRat |
| | Mobzsar |
| | MobileOrder |
| | ModPipe |
| | ModPOS, straxbot |
| | MoleNet |
| | Molerat Loader |
| | Moneybird |
| | MoneyTaker |
| | Mongall |
| | MoonBounce |
| | MoonPeak |
| | MOONSHINE |
| | MoonWalk |
| | MoonWind RAT, MoonWind |
| | MOPSLED |
| | More_eggs, SpicyOmelette, Terra Loader, SKID |
| | Moriya |
| | Mosquito |
| | Moudoor, SCAR |
| | MOVEit Freely |
| | MPKBot, MPK |
| | MQsTTang, QMAGENT |
| | MrPerfectInstaller |
| | MS Exchange Tool |
| | msieckc.exe |
| | MSFvenom |
| | MSUpdater |
| | msvcrt58.sqt |
| | MuddyC2Go |
| | Mudwater |
| | Multigrain, Multigrain POS |
| | MultiLayer Wiper, MultiLayer |
| | MultiPipeLoader |
| | MumbaiDown |
| | Munchkin |
| | MURKYTOP |
| | MY24 |
| | MyDogs |
| | Mydoom, Novarg, Mimail |
| | MyKLoadClient |
| | MysteryBot |
| | MysterySnail RAT, MysterySnail |
| | MZCookiesView |
| | N1stAgent |
| | NachoCheese, NACHOCHEESE, Cyruslish, TWOPENCE, VIVACIOUSGIFT |
| | Naid, Trojan.Naid, Mdmbot.E, AGENT.GUNZ, AGENT.AQUP.DROPPER, AGENT.BMZA, MCRAT.A, AGENT.ABQMR |
| | Naikon, XsFunction, Sacto |
| | NAILGUN |
| | NanHaiShu |
| | NanoCore RAT, NanoCore, Nancrat, Zurten, Atros2.CKPN |
| | Nautilus |
| | NavRAT, JinhoSpy |
| | NB65 |
| | Nbot, TFC |
| | nbtscan, NBTscan |
| | nbtstat |
| | NCAT |
| | NcFTPPut |
| | NDiskMonitor |
| | Nebulae |
| | Necurs, nucurs |
| | Nefilim, Nephilim |
| | Nemim, Nemain |
| | Nemty |
| | NeoPocket |
| Neo-reGeorg |
| | Neptun |
| | Nerex |
| | NestEgg |
| | netcat |
| | Net Crawler, NetC |
| | NetEagle, ScoutEagle, scout, Neteagle_Scout, norton |
| | Netero |
| | NetExec |
| | NetFlash |
| | NetHelp Infostealer, NetHelp Striker |
| | NetPwdDump |
| | NetSess |
| | NetSessionEnum |
| | NetSupport Manager, NetSupport Manager RAT, NetSupportManager RAT, NetSupport RAT, NetSupport |
| | NetSpy |
| | NetTraveler, TravNet, Netfile |
| | NetUseEngine |
| | Netview |
| | NETVulture |
| | NetWalker, MailTo, Koko Ransomware |
| | NetWire RC, NetWire RAT, NetWired RC, NetWire, NetWeird, Recam |
| | NETWoolger |
| | Network Password Recovery |
| | Neuron |
| | Neutrino, Neutrino Bot, Neutrino Exploit Kit, Kasidet |
| | Neutrino POS, Jimmy |
| | NewCore RAT |
| | NewCT, CT |
| | NewCT2 |
| | NewPass |
| | NewPosThings |
| | NewsReels |
| | NFlog |
| | Ngrok |
| | Nibatad |
| | NickelLoader, CLOUDBURST |
| | Nidiran, Backdoor.Nidiran |
| | Nightdoor, NetMM, Suzafk |
| | NIGHTJAR |
| | NightSky, Night Sky |
| | NimbleMamba |
| | Nimcy |
| | NineBlog |
| | NineRAT |
| | Ninja |
| | Nishang |
| | Niteris EK, CottonCastle |
| | NitlovePOS, nitlove |
| | njRAT, Bladabindi, Jorik |
| | nmap |
| | No-Justice Wiper, LowEraser |
| | Nokki |
| | NOKNOK |
| | Non-sucking Service Manager, NSSM |
| | NOOPDOOR |
| | NotPetya, EternalPetya, ExPetr, Pnyetya, Petna, Nyetya, NonPetya, nPetya, Petrwrap, Diskcoder.C, GoldenEye |
| | NPS |
| | NSIS, Nullsoft Scriptable Install System |
| | NSPX30 |
| | NTDSDump |
| | Ntospy |
| | NukeSped |
| | Numando |
| | Nymaim, nymain |
| | ObfuBerry |
| | ObfuMerry |
| | ObliqueRAT, Oblique RAT |
| | OceanLotus, OSX_OCEANLOTUS.D, Backdoor.MacOS.OCEANLOTUS.F |
| | OCEANMAP |
| | Oceansalt |
| | Octopus |
| | OddJob |
| | Odinaff |
| | OilRig |
| | Okrum |
| | OKSOLO |
| | OLDBAIT, Sasfis |
| | Olympic Destroyer, SOURGRAPE |
| | OnionDuke |
| | OopsIE |
| | OpBlockBuster |
| | OpenDoc |
| | OPENSHACKLE |
| | OperaPassView |
| | OpGhoul |
| | Orangeade |
| | Orat |
| | oRAT |
| | ORCSHRED |
| | Orcus RAT, Orcus, Schnorchel |
| | OS_Check_445 |
| | OSInfo |
| | Osiris |
| | OutLoader |
| | Outlook Backdoor, FACADE |
| | OutSteel |
| | OwaAuth, luckyowa |
| | Owowa |
| | OwlProxy |
| | P0wnyshell, Ponyshell, Pownyshell |
| | P8RAT, GreetCake |
| | PACMAN |
| | PAExec |
| | Pagoda |
| | Paladin RAT, Paladin |
| | Pallas |
| | Pandora |
| | Pantegana |
| | PapaCreep |
| | Paperbug |
| | Parallax RAT, ParallaxRAT, Parallax |
| | PartialWasher Wiper, PartialWasher, PW |
| | P.A.S., PAS, Fobushell |
| | Pasam |
| | PassKillDisk |
| | Pass-The-Hash Toolkit |
| | PasswordFox |
| | Patao |
| | Pay2Key, Cobalt |
| | PayloadBIN |
| | pcaudit.bat |
| | PCClient |
| | PcExter |
| | PCHUNTER |
| | PCShare |
| | PEBBLEDASH |
| Pegasus, Q Suite, Chrysaor, JigglyPuff |
| | Penquin Turla |
| | Peppy RAT, Peppy Trojan |
| | pgift, ReRol |
| | PGoShell |
| | PhanDoor |
| | PhantomLance, PWNDROID1, Android.Backdoor.736.origin |
| | PhantomNet, SManager |
| | Philadelphia, Philadephia Ransom |
| | Phishery, Trojan.Phisherly |
| | Phoenix, Phoenix Locker |
| | PhonyC2 |
| | PHOREAL, Rizzo |
| | PHPMailer |
| | PhpSpy |
| | PICKPOCKET |
| | Pierogi |
| | PiggyBack |
| | PikoloRAT |
| | PinchDuke |
| | PINEFLOWER, CORRUPT KITTEN |
| | PINEGROVE |
| | PingCastle |
| | PingPull |
| | PinkKite |
| | Pink Lambert |
| | Pioneer, Virus.Win32.Pioneer.dx, igfxext.exe |
| | PIPEDREAM |
| | PipeMon |
| | PipeSnoop |
| | Pirpi, SHOTPUT, Badey, EXL, CookieCutter, Backdoor.APT.CookieCutter |
| | Pisloader, Roseam |
| | Pitty, PittyTiger RAT |
| | Pitvotnacci |
| | PixPirate |
| | PixStealer, BrazKing |
| | PLAINTEE |
| | PLANKWALK |
| | PLEAD, DRAWDOWN, GOODTIMES, Linopid, TSCookie |
| | Plink, PuTTY Link |
| | Ploutus, Ploutus ATM, Plotus |
| | PluginPhantom |
| | PlugX, Destroy RAT, DestroyRAT, Korplug, Sogu, Kaba, Xamtrav, Agent.dhwf, RedDelta, TIGERPLUG, Thoper, TVT |
| | PlugY |
| | pngdowner |
| | PNGLoad |
| | PocoDown, Blitz, PocoDownloader |
| | PoisonCarp, INSOMNIA |
| | Poison Ivy, pivy, poisonivy, Gen:Trojan.Heur.PT, Darkmoon, Chymine, SPIVY |
| | Poldat, Zlib, KABOB |
| | PolyglotDuke |
| PondRAT |
| | Pony, Pony Loader, Siplog, Fareit |
| | PoohMilk Loader, PoohMilk |
| | POOLRAT, SIMPLESEA |
| | POORAIM, Backdoor.APT.POORAIM |
| | POPFLASH |
| | Port.exe |
| | PORTHOLE |
| | PortQry |
| | PortScan |
| | PosCardStealer |
| | PoshAdvisor |
| | PoshC2 |
| | POSHSPY |
| | PoSlurp, PUNCHTRACK, PSVC |
| | POTROAST |
| | POWBAT |
| | PowerBand |
| | PowerBrace |
| | PowerDuke |
| | PowerDump |
| | PowerExchange |
| | Powerkatz |
| | PowerLess Backdoor |
| | PowerMagic |
| | Powermud |
| | PowerPepper |
| | POWERPIPE |
| | POWERPLANT, KillACK |
| | POWERPOST |
| | PowerPunch |
| | PowerRatankba, QUICKRIDE.POWER |
| | PowerShell RAT |
| | PowerShellRunner-based RPC backdoor, PowerShellRunner |
| | PowerShower |
| | Powersing |
| | POWERSOURCE |
| | PowerSploit |
| | PowerSpritz |
| | PowerStallion |
| POWERSTAR, CharmPower, GorjolEcho |
| | POWERSTATS, Valyria |
| | PowerTask |
| | POWERTON |
| | PowerTrick |
| | PowerView |
| | PowGoop |
| | PowHeartBeat |
| | POWRUNER |
| | POWSSHNET |
| | PRB-Backdoor, prb_backdoor |
| Predator, Lycantrox |
| | Prikormka |
| | Prilex |
| | PRIVATELOG |
| | ProcDump |
| | ProduKey |
| | ProLock, PwndLocker |
| | Pro-Ocean |
| | Pro POS |
| | Protected Storage PassView |
| | Protux |
| | ProxyBot |
| | ProxyChains |
| | Proxysvc |
| | ProxyT |
| | Ps2dllLoader |
| | PseudoManuscrypt |
| | PsExec |
| | psinstrc.ps1 |
| | PsiXBot, PsiX |
| | PsList |
| | PSLogger, ECCENTRICBANDWAGON |
| | Psylo |
| | Pteranodon, Pterodo |
| | PubFantacy |
| | PUBLOAD, ClaimLoader |
| | Pulseway |
| | PunchBuggy, ShellTea, Powersniff |
| | Punkey, PunkeyPOS, Punkey POS, pospunk, poscardstealer |
| | PuppetLoader |
| | PupyRAT, Pupy, pupy |
| | Pure Storage FlashArray, Pure Storage FlashArray PowerShell SDK |
| | Purple Lambert |
| | PuTTY |
| | PVE Find AD Users |
| | PVZ-In |
| | PVZ-Out, PvzOut |
| | pwdump |
| | PwnPOS |
| | Pyark |
| | PyDCrypt |
| | PyFlash |
| | Pylot, Travle |
| | PyMICROPSIA |
| | PySoxy |
| | PythocyDbg |
| | PyVil RAT, PyVil |
| | PyXie, PyXie RAT |
| | Qadars |
| | QakBot, QuakBot, QuackBot, Qbot, PinkSlip, Pinkslipbot, Oakboat |
| | QCRat |
| | QUADAGENT |
| | Quant Loader, QuantLoader |
| | QuarkBandit |
| | Quarks PwDump |
| | QuasarRAT, Quasar RAT, CinaRAT, Yggdrasil |
| | QueenOfClubs, SlothfulMedia |
| | QueenOfHearts |
| | QUEUESEED, IcyWell, Kapeka |
| | Quickcafe |
| | QUIETEXIT |
| | QuietSieve |
| | QuiteRAT, Acres |
| | RADIOSTAR |
| | RagnarLocker, Ragnar Locker |
| | Ragnatela, Ragnatela RAT |
| | RaidBase |
| | RAINDROP |
| | Rambo, brebsd |
| | Ramnit, Nimnul |
| | Ramsay |
| | Rana |
| | Ranbyus |
| | RansomBoggs |
| | RapidStealer |
| | rarstar |
| | RARSTONE |
| | Raspberry Robin, RaspberryRobin, LINK_MSIEXEC, QNAP-Worm |
| | Ratankba, Ratabanka, QUICKRIDE |
| | RatankbaPOS, RatabankaPOS |
| | RATel |
| | RATHOLE |
| | RatSnif |
| | RawDisk |
| | RawPOS, FIENDCRY, DUEBREW, DRIFTWOOD |
| | RCLONE, Rclone |
| | RCSession |
| | RCS Galileo |
| | RC SHELL |
| | Rdasrv |
| | RDAT, GREYSTUFF |
| | RDFSNIFFER |
| | RDP, Remote Desktop Protocol |
| | RDPWrap |
| | Recon |
| | ReconModule |
| | ReconShark |
| | Red Alert, Red Alert 2.0 |
| | RedAlpha |
| | RedCore |
| | redis-rogue-getshell |
| | RedLeaves, BUGJUICE |
| | RedLine, RedLine Stealer |
| | RedPepper, Adupib |
| | RedSalt, Dipsind |
| | RedShawl |
| | RedXOR |
| | ReflectiveGnome |
| | RegDuke |
| | reGeorg |
| | Regin, Prax, WarriorPride |
| | RELOADEXT |
| | Remcom, RemoteCommandExecution |
| | RemcosRAT, Remcos, Remvio, Socmer |
| | Remexi, CACHEMONEY |
| | remote-access-c3 |
| | RemoteCMD |
| | Remote CMD/PowerShell terminal |
| | Remote Control System, RCS, Crisis |
| | Remote Desktop PassView |
| | Remsec, Backdoor.Remsec, ProjectSauron |
| | RemShell |
| | RemShell Downloader |
| | Remy, Remy RAT, WINDSHIELD |
| | REPTILE |
| | Resetter |
| | Reshell |
| | Responder, SpiderLabs Responder |
| | Retefe, Dok, Tsukuba, Werdlod |
| | Retefe (Android) |
| | Retro |
| | Revealer Keylogger |
| | RevengeRAT, Revenge RAT, Revenge, Revetrat |
| | ReverseRAT |
| | RevSocks |
| | ReZer0 |
| | RGDoor |
| | Rhadamanthys, Rhadamanthys Stealer |
| | RICECURRY, Exploit.APT.RICECURRY |
| | Rifdoor |
| | RIFLESPINE |
| | Rikamanu |
| | Rising Sun |
| | RMS, Remote Manipulator System, Gussdoor, RuRAT |
| | Roaming Mantis, MoqHao, XLoader, Wroba |
| | RoboSki |
| | ROCK, yellowalbatross |
| | ROCKBOOT |
| | RocketMan |
| | RockLoader |
| | RogueRobin, RogueRobinNET |
| | RotBot |
| | RokRAT |
| | Roland, Roland RAT |
| ROMCOM RAT, ROMCOM |
| | Romeos, RomeoCore, Romeo-CoreOne, R-C1 |
| | RomeoAlfa, AlphaNC |
| | RomeoBravo, BravoNC |
| | RomeoCharlie |
| | RomeoDelta, DeltaNC |
| | RomeoEcho |
| | RomeoFoxtrot |
| | RomeoGolf |
| | RomeoHotel |
| | RomeoMike |
| | RomeoNovember |
| | RomeoWhiskey, Winsec |
| | Rook |
| | Roopy |
| | RottenPotato |
| | ROUTERSCAN |
| | RoyalCli |
| | RoyalDNS, Royal DNS |
| | Rsocx |
| | RTM, RTM Banker, Redaman |
| | RtPOS |
| | Rubeus |
| | RUHAPPY |
| | Ruler |
| | RunningRAT, Running RAT, running_rat |
| | RURansom |
| | RustBucket |
| | RustDesk |
| | RustDown |
| | Ryuk |
| | S3BROWSER |
| | Safe |
| | SafetyKatz |
| | SAGEHIRE |
| | Sagerunex |
| | SaintBot, Saint Bot |
| | Saitama, Saitama Backdoor, AMATIAS |
| | Sakabota |
| | Sakula RAT, Sakula, Sakurel, VIPER |
| | Salgorea, BadCake |
| | Sality, Sector, Kuku, SalLoad, Kookoo, SaliCode, Kukacka |
| | SALTLICK |
| | SamSam, Samas |
| | Samurai |
| | Sandboxie |
| | SandroRAT |
| | Sardonic |
| | Sasfis, Oficla |
| | Satellite Turla |
| | scanbox |
| | ScanPOS |
| | ScarCruft, StarCruft |
| | Scieron |
| | Scotch |
| | Scote |
| | Scout |
| | SCRAPMINT |
| | ScreenCap |
| | ScreenConnect, ConnectWise |
| | Screenshotter |
| | sctrls |
| | SDBbot |
| | SDelete |
| | SeaDuke, SeaDaddy, SeaDesk, SeaDask |
| | Seasalt |
| | SEAWEED |
| | SecHack |
| | SecreetsDump |
| | Secure FTP Client |
| | Secure Socket Funneling, SSF |
| | Sedkit |
| | SeDLL |
| | Sedreco, AZZY, EVILTOSS, ADVSTORESHELL, NETUI |
| | Separ |
| | Sepulcher |
| | SerialPktdoor |
| | SerialVlogger |
| | Serveo |
| | ServHelper |
| | SessionGopher |
| | SessionManager |
| | ShadowHammer, DAYJOB |
| | ShadowNet |
| | ShadowPad Winnti, POISONPLUG.SHADOW, XShellGhost |
| | ShadyRAT |
| | SHAPESHIFT |
| | shareip, remotecmd |
| | Shark |
| | SharkBot |
| | SharpEfsPotato |
| | SHARPEXT |
| | SharpHound |
| | SharpJSHandler |
| | SHARPKNOT, Bitrep |
| | Sharp-SMBExec |
| | SharpSploit |
| | SharpStage |
| | SHARPSTATS |
| | SharpToken |
| | SharpView |
| | SharPyShell |
| | SharpZulip |
| | SheepRAT |
| | ShellClient |
| | SHELLSWEEP |
| | Shifu |
| | ShimRAT, Shim RAT |
| | Shipshape |
| | Shootback |
| | SHORTBENCH |
| | SHUTTERSPEED |
| | Shylock, Caphaw |
| | Sibot |
| | SIDESHOW |
| | SideTwist |
| | SideWalk, ScrambleCross |
| | SierraAlfa |
| | SierraCharlie |
| | SIGFLIP |
| | SIGTRANslator |
| | Silence, Silence.Downloader, TrueBot |
| | SilentCMD |
| | SilentGh0st |
| | Silent Night |
| | SILENTUPLOADER |
| | SilkBean |
| | SilverHawk |
| | Silver Lambert |
| | Sima |
| | SimplexTea, SimpleTea |
| | Sinowal, Anserin, Mebroot, Quarian, Theola, Torpig |
| | sip_telephone |
| | Sisfader, Sisfader RAT |
| | Sisron |
| | SIXPACK |
| | SkeletonKeyInjector |
| | SkiBoot |
| | Skimer |
| | SkinnyBoy |
| | Skip-2.0 |
| | Skipper, Kotel |
| | SLAPSTICK |
| | sLoad, StarsLord |
| | SLICKSHOES |
| | Slingshot |
| | Sliver |
| | SLOWDRIFT |
| | SLOWROLL |
| | SLRat |
| | SLUB |
| | SMBExec |
| | Smbmap |
| | smbscan |
| | smbtool |
| | SMBTouch |
| | SMBTrap |
| | Smoke Loader, SmokeLoader, Smoke, Dofoil, Sharik |
| | SmsSpy |
| | Snatch |
| | Sneepy, ByeByeShell |
| | SniffPass |
| | SnifLite |
| | SNUGRIDE |
| | Snugy |
| | Socat |
| | SocksBot, BIRDDOG, Nadrac |
| | SocGholish, FAKEUPDATES, FakeUpdate |
| | SodaMaster, DelfsCake, dfls, DARKTOWN, HEAVYPOT |
| | Sodinokibi, Sodin, REvil |
| | SodomMain, SodomMain RAT |
| | SodomNormal |
| | SoftEther VPN |
| | SoftPerfect Network Scanner |
| | Sojax |
| | SOLOSHRED |
| | SombRAT |
| | SoreFang |
| | Sorgu |
| | Soraya |
| | SOUNDBITE, Denis |
| | SOUNDWAVE |
| | S.O.V.A. |
| | Spaceship |
| | Spark |
| | SPARKLOG |
| | SparkRAT |
| | SparrowDoor, FamousSparrow |
| | Speculoos |
| | Spedear |
| | SPICA |
| | Spindest, Backdoor.Apocalipto |
| | Spidey Bot |
| | SPINOFF |
| | SPINNER |
| | Splashtop |
| | Sponsor |
| | SpoolFool |
| | SPOONBEARD |
| | SprySOCKS |
| | spwebmember |
| | SpyC23 |
| | Spyder |
| | SpyEye |
| | SpyMax |
| | SpyNote RAT, SpyNote, CypherRat |
| | SpyWaller |
| | Sqlextractor |
| | sqllauncher.dll |
| | sqlmap |
| | SQLRAT |
| | SQLULDR2 |
| | SScan |
| | SSHMinion |
| | SslMM |
| | SSLove RAT |
| | StarLoader |
| | StarsyPound |
| | STASHLOG |
| | Stealc |
| | Stealer |
| | StealthFalcon |
| | Stealth Mango |
| | STEELCORGI |
| | STEELHOOK |
| | STEELHOUND |
| | StickyFingers, QUICKBALL |
| | Stink |
| | StoneDrill, DROPSHOT |
| | StreamEx |
| | StrifeWater, StrifeWater RAT |
| | StrongPity |
| | StrongPity2 |
| | StrongPity3 |
| | STSRCheck |
| | Stubbedoor |
| | Stunnel |
| | Stuxnet, W32.Stuxnet |
| | S-Type |
| | Subbrute |
| | Sublist3r |
| | SUBTLE-PAWS |
| | SubtractThis |
| | SUCEFUL |
| | SUDDENICON, 3CX Backdoor |
| | SUGARLOADER |
| | SUN4ME |
| | SunBird |
| | SUNBURST, Solorigate |
| | SunCrypt |
| | SUNSPOT |
| | SUPERNOVA |
| | SVCMONDR |
| | SWEARJAR |
| | SWEETCANDLE |
| | SWEETDROP |
| | SweetPotato |
| | SweetSpecter |
| | SwiftSlicer, JaguarBlade |
| | swissknife2 |
| Swor |
| | Sword |
| | Sword2033 |
| | Sykipot, Getkys, Wkysol |
| | Symatic Loader |
| | SymonLoader |
| | SynFlooder |
| | Sys10 |
| | Syscon, SYSCON, Sanny |
| | SystemBC, Coroxy, DroxiDat |
| | SysGet, HelloBridge |
| | SysInternals |
| | SysJoker |
| | SysKit, IvizTech, MANGOPUNCH |
| | Sysmain |
| | SysUpdate, FOCUSFJORD, HyperSSL, Soldier |
| | TABBYCAT |
| | TABLEFLIP |
| | TabMsgSQL, LETSGO |
| | TacticalRMM |
| | Tafacalou |
| | Taidoor, simbot |
| | Tailscale |
| | TAINTEDSCRIBE |
| | TAMECAT |
| | Tapaoux |
| | Tarsip |
| | Taurus Loader, Taurus Builder, Taurus Builder Kit |
| | TAXHAUL |
| | TcpBridge |
| | TCP Port Scanner |
| | Tcp_transfer |
| | Tdrop |
| | Tdrop2 |
| | TDTESS |
| | TeaBot, Anatsa, Toddler, ReBot |
| | TeamSpy, TVSpy, TVRAT, SpY-Agent, TeamViewerENT |
| | TeamViewer |
| | TEARDROP |
| | TechnoCreep |
| | TeleBot |
| | TeleDoor |
| | Telemiris |
| | TelePowerBot |
| | Tempting Cedar Spyware, TemptingCedar Spyware |
| | TERA |
| | Termite |
| | Terracotta VPN |
| | TerraCrypt, PureLocker |
| | TerraPreter |
| | TerraRecon, Taurus Loader Reconnaissance Module |
| | TerraStealer, Taurus Loader Stealer Module, StealerOne, SONE |
| | TerraTV, Taurus Loader TeamViewer Module |
| | TerraWiper |
| | TeslaGun |
| | TFlower |
| | THC Hydra |
| | The CloudSorcerer |
| | THINCRUST |
| | THINSPOOL |
| | THOR |
| | ThreatNeedle, DRATzarus |
| | ThreatKit |
| | THREEBYTE |
| | ThreeDollars |
| Tickler |
| | TidePool |
| | TIDYELF |
| | TigerRAT, Tiger RAT |
| | TightVNC |
| | Tinba, Tiny Banker, TinyBanker, Tina, Illi, Zusy |
| | TinyCryptor |
| | TinyLoader |
| | TinyMet, TiniMet |
| | TinyNode |
| | TinyNote |
| | TinyNuke, NukeBot, Nuclear Bot, MicroBankingTrojan, Xbot |
| | TinyPOS |
| | TinyPosh |
| | Tinyproxy |
| | Tiny SHell, tsh |
| | TinyTurla |
| | TinyTurla-NG, TinyTurla Next Generation, TTNG |
| | TINYTYPHON |
| | TinyZBot |
| | Titan |
| | Titanium |
| | TManger, LuckyBack |
| | TODDLERSHARK |
| | Tofu Backdoor |
| | TOITOIN |
| | TomBerBil |
| | Tomiris |
| | TOM-Skype |
| | TONEDEAF |
| | TONEDEAF 2.0 |
| | TONEINS |
| | TONESHELL |
| | Tonnerre |
| | Topinambour |
| | Torn RAT |
| | TOUCHKEY |
| | TOUCHMOVE |
| | TOUCHSHIFT |
| | TOUCHSHOT |
| | TrailBlazer |
| | TRANSLATEXT |
| | TranslucentGh0st |
| | TreasureHunter, TREASUREHUNT, huntpos |
| | TriangleDB |
| | TrickBot, Trickster, The Trick, TheTrick, Totbrick, TrickLoader, TSPY_TRICKLOAD |
| TrickMo |
| | TRIPLEFANTASY |
| | Triton, TRITON, Trisis, TRISIS, HatMan |
| | TriFive |
| | Trochilus RAT |
| | Troll Stealer, TrollAgent |
| | Troy |
| | Truvasys |
| | TTCalc |
| | TunnelSpecter |
| | Tunnus, QUIETCANARY, Kapushka |
| | Turian |
| | TurlaChopper |
| | TURNEDUP, Notestuk |
| | TwoFace, Minion, HighShell, HyperShell, SEASHARPEE |
| | TypeConfig, SafeDisk |
| | TYPEFRAME |
| | Tyupkin, Padpin |
| | UDPoS |
| | UltraVNC |
| | UNAPIMON |
| | Underground |
| | UNITEDRAKE |
| | Unknown Logger |
| | Upatre |
| | updater.mod |
| | UPDATESEE |
| | UpDocX |
| | UPXShell |
| | URLZone, Bebloh, Shiotob |
| | Uroburos, Urouros, Turla, Snake |
| | USBCulprit |
| | UsbDoc |
| | UsbExe |
| | USBferry |
| | USBStealer, Win32/USBStealer, USB Stealer |
| | USBWorm |
| | Vadokrist |
| | Valak, Valek |
| | ValeforBeta |
| | VALUEVAULT |
| | VAMP, android.micropsia |
| | Vasport |
| | Vatet |
| | Vawtrak, Catch, grabnew, NeverQuest |
| | VBREVSHELL |
| | VBShower |
| | Vcrodat |
| | Veil |
| | VEILEDSIGNAL |
| VeilShell |
| | VELVETSTING |
| | VELVETTAP |
| | VENOMBITE |
| | VenomKit |
| | VenomLNK |
| | VenomRAT |
| | VHD, VHD Ransomware |
| | ViceLeaker, Triout |
| | VIDAR, Vidar Stealer |
| | VIDEOKILLER |
| | VileRAT |
| | VINETHORN |
| | Violet Lambert |
| | Viper |
| | ViperRAT, Viper RAT |
| | VIRTUALGATE |
| | VIRTUALPIE |
| | VIRTUALPITA |
| | VIRTUALSHINE |
| | Vizom |
| | Vjw0rm, Vengeance Justice Worm |
| | Vminst |
| | VNC, Virtual Network Computing |
| | Voice Massege.apk |
| Voldemort |
| | Volgmer, Manuscrypt |
| | VolatileVenom |
| | VPNFilter |
| | VSingle |
| | vSkimmer |
| | Vyveva |
| | W2K Res Kit |
| | w32times |
| | Wadhrama |
| | WAExp |
| | Waizsar RAT |
| | WannaCry, WannaCrypt, WannaCryptor, Wcry, WanaCry, WanaCrypt, WanaCrypt0r, Wana Decrypt0r |
| | WARP |
| | WARPRISM |
| | WARPWIRE |
| | Warzone RAT, Warzone |
| | WastedLoader |
| | WastedLocker |
| | WaterSpout |
| | WbBot |
| | WebBrowserPassView |
| | WebC2, WebC2-AdSpace, WebC2-Ausov, WebC2-Bolid, WebC2-Cson, WebC2-DIV, WebC2-GreenCat, WebC2-Head, WebC2-Kt3, WebC2-Qbp, WebC2-Rave, WebC2-Table, WebC2-UGX, WebC2-Yahoo |
| | Webmask |
| | Weevly |
| | WellMail |
| | WellMess, elf.wellmess |
| | WHEATSCAN |
| | WhiskerSpy |
| | Whisky |
| | WhisperGate, WhisperKill, PAYWIPE |
| | WhiteAtlas |
| | Whitebird |
| | White Lambert |
| | Wiarp |
| | WIDETONE |
| | Wii |
| | Windows Credentials Editor, Windows Credential Editor, WCE |
| | WindTail |
| | WINELOADER |
| | WINERACK |
| | Winexe |
| | Wingbird |
| | WINGCRACK |
| | WINGHOOK |
| | WinIDS |
| | WinMM |
| | WINNKIT |
| | Winnti, BleDoor, RbDoor, RibDoor |
| | WinorDLL64 |
| | Winos |
| | WinPot, ATMPot |
| | WinRAR |
| | WinSCP |
| | Winsloader |
| | WINTERLOVE |
| | WispRider |
| | WinZip |
| | WIPERIGHT |
| | WIREFIRE |
| | WITCHCOVEN |
| | WmiExec |
| | WMI Ghost, Wimmie, Syndicasec |
| | WndTest |
| | WolfRAT, W1_RAT |
| | Wormhole |
| | Wpscan |
| | WSCSPL |
| | WSO, Webshell by Orb |
| | WsTunnel |
| | WyrmSpy, AndroidControl |
| | X-Agent, Xagent, Popr-d30, SPLM, CHOPSTICK, fysbis, Backdoor.SofacyX, webhp |
| | Xbash |
| | XBOT-POS, XBot POS |
| | XBOW |
| | XClient |
| | XDDown |
| | xDll |
| | XDOOR, X-Door |
| | XDList |
| | XDLoc |
| | xkeylog |
| | XDMonitor |
| | XDPass |
| | XDRecon |
| | XDUpload |
| | Xenomorph |
| | xfs-disp.exe |
| | XMRig |
| | xPack, NERAPACK |
| | xRAT |
| | XServer, Filesnfer |
| | XSLCmd |
| | xsPlus, xsControl, nokian |
| | XtremeRAT, Xtreme RAT, ExtRat |
| | X-Tunnel, XTunnel, Shunnael, Trojan.Shunnael, XAPS |
| | Yahoyah, W32/Seeav |
| | YamaBot, Kaos |
| | Yasso |
| | Yispecter, ZxxZ |
| | Yort |
| | yty, Jaca |
| | Zanubis |
| | ZAP |
| | Zebrocy, Zekapab |
| | ZeGhost, BackDoor-FBZT!52D84425CDF2, Trojan.Win32.Staser.ytq, Win32/Zegost.BW |
| | ZE Loader |
| | ZeroCleare |
| | ZeroT |
| | Zeus, ZeuS, Zbot, Trojan.Zbot, Wsnpoem, Gorhax, Kneber |
| | Zeus OpenSSL, Zeus Sphinx, XSphinx |
| | Zeus Panda, ZeusPanda, PandaBanker |
| | ZeusPOS |
| | ZeusVM, VM Zeus, VMzeus, Zberp |
| | zhCat |
| | zhMimikatz |
| | ZIPLINE |
| | ZitMo, ZeuS-in-the-Mobile |
| | zl4vq.sqt |
| | ZLoader, Terdot, DELoader |
| | ZMsg |
| | ZooPark |
| | ZoxRPC, Zox, ZoxPNG, Gresim |
| | XPCTRA, Expectra |
| | ZPP |
| | Z*Stealer, ZStealer |
| | ZUMKONG |
| | Zupdax |
| | zwShell |
| | ZXPortMap |
| | ZXShell, Sensocode |
