Changed | Name |
Tools |
| 3102 RAT |
| 3PARA RAT |
| 3proxy |
| 3Rat Client |
| 404-Input-shell web shell |
| 4H RAT, 4h_rat |
| 7Logger |
| 7-Zip |
| 888 RAT |
| 8.t Dropper, 8.t RTF exploit builder, 8t_dropper, RoyalRoad |
 | 9002 RAT, McRAT, MdmBot, Homux, Hydraq, HidraQ, HOMEUNIX, Aurora, Roarur |
| AbaddonPOS |
| AceHash |
| AcidRain |
| ActionRAT |
| ActionSpy, AxeSpy |
| Acunetix Web Vulnerability Scanner |
 | adbupd |
 | AdFind |
| Adminer |
| AdobeARM |
| ADORE.XSEC |
| Advanced Port Scanner |
| AdvisorsBot |
 | Adwind, Adwind RAT, Frutas, jFrutas, UnReCoM, Alien Spy, AlienSpy, JSocket, Sockrat, jBiFrost, JBifrost RAT, Unknown RAT, jConnectPro RAT, Unrecom, Trojan.Maljava |
| Adzok, Invisible Remote Administrator |
 | Agent.BTZ, Minit, Chinch, Sun rootkit |
| Agent.DNE |
| Agent Tesla, AgentTesla, AgenTesla, Origin Logger, Negasteal |
 | agfSpy |
| Aggah |
| AIRBREAK, Orz |
| Albaniiutas, BlueTraveller |
| Alice, AliceATM, PrAlice, Project Alice |
| Alina POS, Track, alina_eagle, alina_spark, aline_joker, katrina |
| Allakore RAT, AllaKore |
| Alma Communicator |
| ALPC Local PrivEsc |
 | Amadey |
| Amavaldo |
| Amphibeon |
| AMTsol, Adupihan |
 | Anchor, Anchor_DNS |
| Andaratm |
| AndoServer |
| Android RAT |
| Andromeda, Gamarue, B106-Gamarue, B67-SS-Gamarue, b66 |
| AndroMut |
| AndroRAT |
| Anel, lena, UpperCut |
| Antak |
| Antd, GreedyAntd |
| AntSword |
 | Anubis, BankBot, Go_P00t, android.bankbot, android.bankspy |
| AnubisSpy |
| AnyDesk |
| ApacheStealer |
| Apocalipto |
| Apostle |
 | AppleJeus |
 | AppleSeed, JamBog |
| APT3 Keylogger |
 | Ares |
 | AresRAT |
| ArguePatch |
 | Aria-body, AR |
| Aria-body loader |
| ARL, Asset Reconnaissance Lighthouse |
| ARTFULPIE |
| ArtraDownloader, Artra Downloader |
| Aryan |
 | Asacub, Trojan-SMS.AndroidOS.Smaps |
 | ASPXSpy, ASPXTool |
| Asruex |
| Astra |
| AsyncRAT |
| ATI-Agent |
| ATMDtrack |
| ATMii |
| ATMitch |
| Atmos |
| Atmosphere |
| ATMRipper, Ripper, Ripper ATM |
| ATMSpitter |
| AtNow |
| AtomSilo |
| AuditCred, ROptimizer |
| August Stealer |
| AUMLIB, yayih, bbsinfo, mswab, Graftor |
| Auriga, Riodrv |
| AutoIt backdoor |
 | Avaddon |
| Avalanche |
 | Ave Maria, AVE_MARIA, AveMariaRAT, avemaria |
| Aversome infector |
| AWFULSHRED |
| AZORult, PuffStealer, Rultazo |
| Babar, SNOWBALL |
 | Babuk Locker, Babuk, Babyk, Vasa Locker |
| BABYMETAL |
| BabyShark |
| BackBend |
 | BackConfig |
| Backdoor Batel, Batel |
| Backoff, Backoff POS |
| Backspace, Lecna, ZRLnk |
| Backswap |
| BadBazaar |
| BADCALL |
 | BADFLICK |
| BadHatch |
| BADNEWS, JakyllHyde |
| BadPatch, WelcomeChat |
| BadPotato |
| BadRabbit |
| Bahamut |
| Baka |
| Banatrix |
| Bandook, Bandok |
| bangat |
| Banjori, BankPatch, BackPatcher, MultiBanker 2 |
 | Bankshot, COPPERHEDGE, Trojan Manuscript |
| BanSwift |
| Barb(ie) Downloader |
| BarbWire |
| Barlaiy, POISONPLUG |
| Bart |
| Bateleur |
| BazarBackdoor, BazarLoader, BEERBOT, BazarCall, KEGTAP, Team9Backdoor, bazaloader |
| BBSRAT |
| BeaconLoader |
| BeEF |
| beendoor |
| Behinder |
| BELLHOP |
| Bemstour |
 | BendyBear |
| Benghazi.exe |
| BernhardPOS |
| BetaBot, Neurevt |
| Bezigate |
| BH_A006 |
| BHUNT |
| BIFROST, elf.bifrose |
| BigpipeLoader |
| BINBASH |
| Bioazih |
| BIOLOAD |
| BIOPASS RAT, BIOPASS |
| BIRDWATCH |
| BISCUIT, zxdosml |
| Bisonal, Korlia |
| BISTROMATH |
 | BitPaymer, FriedEx, IEncrypt, wp_encrypt |
| BitRAT |
| Bitsran, SHADYCAT |
| BitterRAT, Bitter RAT |
| Bizarro, Bizzaro |
| BlackCat, ALPHV, ALPHVM, Noberus |
 | BlackCoffee, PNGRAT, ZoxPNG, gresim |
 | BlackEnergy, Black Energy |
| Black Lambert |
| BlackMatter |
 | BlackMould |
| BlackPOS, FrameworkPOS, Kaptoxa, POSWDS, Reedum, MMon |
| BlackRAT, BlackRemote |
 | BlackRock, AmpleBot |
 | BLINDINGCAN, DRATzarus RAT |
| BlindToad |
| Blogspot |
 | BloodHound |
| BLUEAGAVE |
| BlueCore |
| BLUEHAZE |
 | BLUELIGHT |
| BLUESTEAL |
| Blue Lambert |
| Bluether, CAPGELD |
| BokBot, IcedID, IceID |
| BONDUPDATER, Poison Frog, Glimpse |
| Bookcode |
| Bookworm |
| Boostwrite |
| BootWreck, MBRkiller |
| Bouncer |
| Bourbon |
| Bozok, Bozok RAT |
| Brambul, SierraBravo, SORRYBRUTE |
| BrasDex |
| Brata, AmexTroll |
| Brave Prince |
| BreachRAT |
 | Briba |
| BrittleBush |
| BROKEYOLK |
| BroStealer |
| BrowsingHistoryView |
| BrutishCommand |
| BrutPOS |
| BS2005 |
| BTC Changer |
 | BUBBLEWRAP, Backdoor.APT.FakeWinHTTPHelper |
| BUFFETLINE |
| Buhtrap, Ratopak |
 | BumbleBee |
| Buran, VegaLocker, Vega |
| BUSTEDPIPE |
| Bvp47 |
| Byeby |
| Bypass-UAC |
| C0d0so0 |
 | Cachedump |
| CACTUSTORCH |
 | CaddyWiper, KillDisk.NCX |
 | Cadelspy, Cadelle, WinSpy |
| Cahnadr, NDriver |
| Cain & Abel |
| CAKETAP |
| CALENDAR |
| Calfbot |
| callCam |
| CallMe |
| Calypso RAT |
| CamCapture Plugin |
| CamuBot |
| Cannon |
| CapraRAT |
| Capriccio RAT |
| CapturaTela |
| Carbanak, Anunak, Sekur, Sekur RAT |
 | CarbonSteal |
 | Cardinal RAT |
| Careto, Mask, Appetite |
 | CARROTBALL |
 | CARROTBAT |
| CASHY200 |
| Casper |
| Castov |
| Catchamas |
| Catelites Bot, Catelites |
| Caterpillar |
 | ccf32 |
| CDorked, CDorked.A |
| CEELOADER |
| CenterPOS, Cerebrus |
 | Cerberus |
 | certutil, certutil.exe |
| CetaRAT |
 | Chaes |
| CHAINSHOT |
| CHAIRSMACK |
| ChChes, HAYMAKER, Ham Backdoor, Scorpion |
| CheckID |
| CheeseTray, CROWDEDFLOUNDER |
 | Cherry Picker, Cherry Picker POS, CherryPicker POS, cherrypickerpos, cherrypicker, cherry_picker |
| ChewBacca |
| China Chopper, CHINACHOPPER, SinoChopper |
 | Chinoxy |
| Chocopop |
| ChromeCookiesView |
| ChromePass |
| chrome-passwords |
 | Chrommme |
| Chthonic, AndroKINS |
| Cinobi |
 | Circles |
| Citadel |
 | CLAMBLING, Clambling |
| Clayslide |
| Cleaner |
| CleanToad |
| ClientTraficForwarder |
 | Clop, Cl0p |
| CLOSEWATCH |
| CloudDuke, Cloud Duke, MiniDionis, CloudLook |
| CLOUDSTATS |
| CmdSQL |
| Cmstar, meciv |
| Cobalt Strike, CobaltStrike, Agentemis, BEACON, cobeacon |
| CobInt, COOLPANTS |
| Cobra Carbon System, Carbon, Pfinet |
| COLDJAVA |
| Colibri Loader |
| Combos |
| Comet, Meteor, Stardust |
| Comfoo, Comfoo RAT |
| Commix |
| Comnie |
| COMpfun, Reductor RAT |
| Computrace, LoJack |
| ComRAT |
| Concealment Troy, concealment_troy |
| Confucius, ChatSpy |
 | Conti |
| Contopee, WHITEOUT |
| CookieBag, TROJAN.COOKIES |
| CookieTime |
| CORALDECK |
| CordScan |
| CoreBot |
| Corentry, Fluxwire |
| CoreLoader |
| CORESHELL, SOURFACE, Sofacy |
| Corkow |
| CosmicDuke, TinyBaron, BotgenStudios, NemesisGemina |
 | CostaBricks |
| Cotx RAT |
| CoughingDown |
| CozyDuke, CozyCar, CozyBear, Cozer, EuroAPT |
 | CrackMapExec |
| Crackshot |
| Creamsicle |
| CredRaptor |
| CREDRIVER |
 | CreepyDrive |
 | CreepySnail |
| Cridex, Bugat, Feodo |
 | Crimson RAT, Crimson, SEEDOOR, Scarimson, MSIL, MSIL/Crimson |
| CLRLoad |
| CronBot |
| CrossRAT, Trupto |
| CrossWalk, Motnug, ProxIP, TOMMYGUN |
| CROWVIEW |
| CroxLoader |
 | Crutch |
| Crypta |
| Cryptcat |
| CrypticConvo |
| CryptoLocker |
| CryptoMix, CryptFile2, Zeta, CryptoShield |
| CryptoWall |
| CryWiper |
| CsExt |
 | CSPY Downloader |
 | Cuegoe |
| Cutlet Maker, Cutlet |
| Cutwail, Pushdo |
| CWoolger, Woolger, WoolenLogger |
| Cyan Lambert |
| CyberGate RAT, CyberGate, Rebhip |
 | Cyclops Blink, CyclopsBlink |
| Cyst Downloader |
 | Dacls RAT, Dacls |
| DADJOKE |
| Dadstache |
| Dagger Three |
| Dairy |
| DanaBot |
 | DanBot |
| DanderSpritz |
| DanDrop |
| Danfuan |
| DarkComet, DarkKomet, Fynloski, FYNLOS, klovbot, Krademok, Breut |
| DarkCrystal RAT, DCRat |
| DARKDEW |
| DarkHotel |
| DarkPulsar |
| DarkRAT |
| Dark Tequila, DarkTequila |
| DarkVNC |
| DarkSide |
| DarthPusher |
| Daserf, Muirim, Nioupale |
| Datper |
| DBoxAgent |
| DbxDump Utility |
 | DCSrv, DCrSrv |
| DCSync |
| DDG |
| DDKONG |
| DEADEYE |
 | DEADWOOD, Detbosit, DETBOSIT, Agrius, SQLShred |
| DealersChoice |
 | DeathRansom, deathransom, DEATHRANSOM, wacatac |
| DebugView |
| Decebal |
| Decrypt-RDCMan.ps1 |
| DeepCreep |
| Deed RAT |
| Defray777, Defray, Defray 2018, Target777, Ransom X, RansomExx, Glushkov |
| DELPHSTATS |
| DeltaCharlie |
 | Dendroid |
| DEPLOYLOG |
| Depriz |
| DeputyDog, Fexel |
 | Derusbi, PHOTO |
 | Desert Scorpion |
| DessertDown |
| Destover, Sierras |
| DetaRAT |
| Dexbia, CONIME |
| Dexter, LusyPOS, StarDust |
| dfrgntfs5.sqt |
 | Diavol |
| DILLJUICE, FYAnti |
| DILLWEED |
| DilongTrash |
| Dino |
| DinoTrain |
| DirBuster |
| Dirsearch |
| DIRTCLEANER, CCleaner Backdoor |
| Distribute.exe |
| DistTrack, Shamoon |
| DKMC |
| DmaUp3.exe |
| DMSniff |
| dmsSpy |
 | dneSpy |
| DNSExfitrator |
| DNSMessenger, TEXTMATE |
 | DNSpionage, Agent Drable, AgentDrable |
| DNSRat, DNSbot |
| DOGCALL |
| Dolphin |
| DoorMe |
| DoppelPaymer, Pay OR Grief |
| Doraemon |
| Dorshel |
| DOSTEALER |
 | DoubleAgent |
| DOUBLEFANTASY, DoubleFantasy, VALIDATOR |
| DoubleFeature |
| DoublePulsar |
| DoubleZero, FiberLake |
| DoubleT |
| Downdelph, Delphacy |
| Downeks |
| DownPaper |
| Dozer, Mytob |
| Dracarys |
| DRAWSTRING |
| DreamBot |
 | Dridex, Bugat v5 |
| DRIFTPIN, Toshliph, Spy.Agent.ORM |
| DRIGO |
| Dripion, Masson |
 | DroidJack |
| DroidPlugin |
 | DropBook |
| Dropbox |
| DropPhone |
 | Drovorub |
| Drupalgeddon |
 | Dtrack, TroyRAT |
| Dudear |
| Dudell |
| Duqu, Tilded |
| Dustman |
| DustySky, NeD Worm |
| Duuzer, Escad |
| DvDupdate.dll |
| DyePack, swift |
| Dyre, Dyreza, Dyzap, Dyranges |
| EarthWorm |
| EasyNight |
| Ebury |
 | Egregor |
| EHAGBPSL, EHAGBPSL Loader |
| EHDevel |
 | Ecipekac, DESLoader, SigLoader, HEAVYHAND |
 | EKANS, Snake, SNAKEHOSE |
| ELECTRICFISH, Alreay |
| Elirks |
 | Elise, BKDR_ESILE, EVILNEST, Page |
| ELMER, Elmost |
| EmailStealer |
| EMASTEAL |
| Emdivi, Newsripper |
| Emissary |
| Emotet, Geodo, Heodo |
| EmpireDNSAgent, EDA |
| EmpireProject, Empire, EmPyre, PowerShell Empire |
| Empoder |
| ENCODE MMC |
| Enfal, Lurid |
| Eomobi |
| Epic, Epic Turla, Tavdig, Wipbot, WorldCupSec, TadjMakhal |
| EpicenterRAT |
| EQUATIONDRUG, EQUESTRE |
| EQUATIONLASER |
| Erebus |
| ERMAC |
| EternalBlue |
| EternalRomance |
| ETUMBOT, RIPTIDE, HIGHTIDE, Exploz, Specfix |
| EvilBunny |
| EvilGnome |
| EvilGrab RAT, EvilGrab, Vidgrab, Wmonder, BKDR_HGDER, BKDR_EVILOGE, BKDR_NVICM |
 | Evilnum, EVILNUM, Marvel |
| EVILSUN |
| Exaramel |
| Excalibur, Sabresac, Saber |
| ExDudell |
| ExileRAT, Exile RAT |
 | ExoBot |
 | ExoBotCompact, Coper, Octo |
 | Explosive |
| EYE |
| EYService |
| FakeFish |
| FakeHighFive |
| FakeM, FakeM RAT, Terminator RAT |
| FakeTC |
| FALLCHILL, FallChill RAT |
| FANNY, DEMENTIAWHEEL |
| Fantasy |
| Farse |
| Farseer |
| FASTCash |
| FastPOS |
 | FatDuke |
| Felismus |
| Felixroot, GreyEnergy mini |
| Ficker Stealer |
| FighterPOS |
| Filerase |
| Filepak |
| FilepakMonitor |
| FileZilla |
| Fimlis |
| Final1stSpy |
| FindPOS, PoSeidon |
| FinFisher, FinFisher RAT, FinSpy |
| fingerprintjs2 |
| Fire Chili |
| FireMalv |
| FireMaster |
 | Fishmaster, JollyJellyfish |
 | FIVEHANDS, Thieflock |
 | Flagpro, BUSYICE |
| Flame, Flamer, sKyWIper, Skywiper |
| Flapjack |
| Flashflood |
| FlawedAmmyy, AmmyyRAT |
| FlawedGrace, GraceWire |
| FlipCreep |
| FLIPSIDE |
| FlokiBot |
| FlowCloud |
| FLOWERPIPE |
| FlowerPippi |
| FlowerPower, BoBoStealer |
| FlyingDutchman |
| Fobber |
 | FoggyWeb |
| Foozer |
| FORKBEARD |
| Formbook, win.xloader |
| FormerFirstRAT, FF-RAT, ffrat |
| FoundCore, RainyDay |
| FOXGRABBER |
| Fox Panel |
| FRAUDROP |
| Freenki Loader |
 | FrozenCell |
| FRP, Fast Reverse Proxy |
| FruityC2 |
| fscan |
| FullThrottle |
 | FunnyDream |
| FunnySwitch, RouterGod |
| FurBall |
| GamaPOS, pios |
| Gamaredon |
| GameOver Zeus, Peer-to-Peer Zeus, P2P Zeus, GOZ |
| GandCrab, GrandCrab |
| Gazer, WhiteBear |
| Gcat |
| GCMAN |
| GDOCUPLOAD |
| GearShift |
| GELCAPSULE |
 | Gelsemine |
 | Gelsenicine |
 | Gelsevirine |
| Gelup |
| Gemcutter |
| GeminiDuke |
| Geppei |
 | Get2, FRIENDSPEAK, GetandGo |
| Get-LAPSP.ps1 |
| get-logon-history.ps1 |
| GetMail |
| GetMyPass, getmypos |
| GetUserSPNS.vbs |
| Gh0stnet, Ghostnet, Remosh |
| Gh0st RAT, Ghost RAT, AngryRebel, Farfli, PCRat, Moudour, Mydoor |
| Gh0stTimes |
| Ghambar |
| Ghole, Gholee, CoreImpact (Modified) |
| GlanceLove, WinkChat |
| GLASSES, Wordpress Bruteforcer |
| GlitchPOS |
| GlobeImposter, Fake Globe |
| GLOOXMAIL, Trojan.GTALK |
| glue30.dll |
| GnatSpy |
| GoBot2 |
| GoBuster |
| GodFather |
| Godlua |
| Godzilla, Godzilla Loader |
| GOGGLES, TROJAN.FOXY |
| GOLDBACKDOOR |
| Gold Dragon, GoldDragon, Lovexxx |
 | GoldenEagle |
| GoldenRAT |
 | GoldFinder |
 | GoldMax, SUNSHUTTLE |
 | GolfSpy |
| GollumApp |
| Gon |
| Goodor, Fuerboos |
| GoogleDrive RAT |
 | Goopy |
| Gootkit, Xswkit, talalpek, Waldek |
| Gophe |
| Gorynych, Gorynch, Diamond Fox, DiamondFox, Crystal |
| GO Simple Tunnel, GOST |
| Gozi, CRM, Gozi CRM, Papras, Ursnif, Snifula |
| Gozi ISFB, ISFB, Pandemyia |
| Gozi v2, Gozi Prinimalka, Prinimalka-Gozi |
| GozNym |
| gpresult, Group Policy Results Tool |
| GpUpdates.exe |
 | Grandoreiro |
| Graphite |
| Graphon |
| GraphSteel, Elephant Client |
| Grateful POS, TRINITY |
| GRAYFISH |
| Gray Lambert |
| Grease |
| GREENCAT |
| GreenDispenser |
 | Green Lambert |
| GreezeBackdoor |
| GreyEnergy |
| Grief, Pay or Grief |
 | Griffon, Harpy |
| GRILLMARK, Hellsing Backdoor |
| GrimPlant, Elephant Implant |
| GROK |
| gsecdump |
 | GuLoader, vbdropper, CloudEyE |
| GUNTERS |
| GUP Proxy Tool |
| H1N1 Loader, H1N1 |
| Hackfase, Hacksfase |
| Hades |
| HALFBAKED, VB Flash |
| HALFSHELL |
| HammerDuke, HAMMERTOSS, NetDuke, tDiscoverer |
 | Hancitor, Chanitor |
| Hannotog |
| HAPPYWORK |
| HARDRAIN |
| Harpoon, Garpun |
 | Havex RAT, Havex, Oldrea, Backdoor.Oldrea, Fertger, PEACEPIPE |
| Havij |
| Hawup, Hawup RAT |
| hcdLoader |
 | HDoor, Custom HDoor |
| HDRoot, HDD Rootkit |
| Helauto |
| Hello EK, LightsOut 2.0 |
 | HELLOKITTY, HelloKitty, KittyCrypt |
| Helminth |
 | HenBox |
| Heriplor |
 | Hermes |
| HermeticRansom, PartyTicket, Elections GoRansom, SonicVote |
 | HermeticWiper, DriveSlayer, FoxBlade, KillDisk.NCV, Trojan.Killdisk, NEARMISS |
 | HermeticWizard |
| HesperBot |
| HiddenLotus |
| HIDEDRV |
| HighNoon |
| HighNote, ChyNode |
| HiKit |
| Hisoka |
| HKDOOR |
| Hodur |
| HomamDownloader |
| HOMEFRY |
| HOPLIGHT, HANGMAN |
| Hornbill |
 | HOTCROISSANT, HotCroissant |
| HotelAlfa |
| HOTLANE |
 | Hotwax, HOTWAX |
| HtDnDownLoader |
| HTML5 Encoding |
| HTran, HUC Packet Transmit Tool |
 | HTTPBrowser, HttpBrowser RAT, HttpDump, TokenControl, Token Control |
| httpclient |
| Http Dr0pper, httpdr0pper, httpdropper |
| HTTP Troy, http_troy |
| HTTPTunnel |
| HUC Port Banner Scanner |
| HUI Loader |
| HummingBad |
| HummingWhale |
| Hunter |
| Hupigon, Hupigon RAT, BKDR_HUPIGON, MFC Huner |
| Hurix |
| Hussar |
 | H-Worm, H-Worm RAT, Houdini RAT, Houdini, Hworm, Njw0rm, Iniduoh, Jenxcus, Kognito, WSHRAT, dinihou, dunihi |
| HyperBro |
| HYPERSCRAPE |
 | HyperStack, GoldenSky, SilentMoon, Turla SilentMoon, BigBoss, Cacao |
| IAP |
| IceCube |
| IcedCoffee |
| Icefog, Fucobha |
| Ice IX |
| IconDown |
| IE PassView |
| IGT supertool, Information Gathering Tool |
| IHEATE |
| Imecab |
| Imminent Monitor RAT, Imminent Monitor |
| Impacket |
| Inception |
 | Industroyer, Crash, CrashOverride, CRASHOVERRIDE, Win32/Industroyer |
| Industroyer2 |
| Infostealer, stereoversioncontrol |
| Infy, Foudre |
| Inveigh |
| InvisiMole |
| Invoke-Ngrok |
| Invoke-SMBAutoBrute |
| Invoke the Hash |
| IPsec Helper |
| IRAFAU |
| IRONHALO |
 | IronNetInjector |
| IronPython |
| IRONSQUIRREL |
| IsaacWiper, LASAINRAW |
| ISMAgent |
| ISMDoor |
| ISMInjector, Agent Injector |
| IsSpace, NfLog RAT |
| Ivoke |
| IXESHE |
 | JackOfHearts, SLOTHFULMEDIA |
| JackPOS |
| JadeRAT |
| Jaff, Rakhni |
| Janeleiro |
 | Janicab |
| Jason |
| Jasus |
| Javafog |
| JESTBOT |
| JhoneRAT |
 | JHUHUGIT, Seduploader, JKEYSKW, Sednit, Downrage, GAMEFISH, carberplike, SofacyCarberp, Carberp, Trojan.Sofacy |
| Joanap, SierraJuliett-MikeOne, SierraJuliett-MikeTwo |
| Jokra, KillMBR, Dembr |
| JpgRun, JpgRun Loader |
| JPIN |
| JRat, Jacksbot |
| JripBot, Jiripbot |
| JS Flash |
| JsonCookies |
| jsp File browser |
| JSPRAT |
| JSPSPY |
| JSSLoader, FOWLGAZE |
| JuicyPotato |
| Jumpall |
| KAgent |
| KARAE |
 | Karagany, Karagny, Trojan.Karagany, xFrost |
| Karba, Trojan.Win32.Karba.e |
| Karius |
| Karkoff, MailDropper, DropperBackdoor, CACTUSPIPE |
| KasperAgent |
| Kazuar |
| KeeThief |
| Kegotip |
| Kelihos, Waledac, Hlux |
| Kerberoast |
| Kerberods |
 | KerrDown |
| Ketrican |
| Ketrum |
| KevDroid |
| KeyBoy, TSSL |
| KEYMARBLE |
| KEYPLUG, ELFSHELF |
| Keyrecord |
 | KGH_SPY, KGH Spyware Suite |
| KHRAT |
| Kikothac |
 | KillDisk, Win32/KillDisk.NBI, Win32/KillDisk.NBH, Win32/KillDisk.NBD, Win32/KillDisk.NBC, Win32/KillDisk.NBB |
| Killua |
| KimJongRAT |
| Kimsuky |
| KingOfHearts |
| KINS, Maple, Zeus.Maple, Kasper Internet Non-Security |
| Kitkiot |
 | KIVARS |
| kl.ps1 |
| KLRD |
| Koadic |
 | KOCTOPUS |
| Komplex |
| KOMPROGO, Splinter RAT |
| Konni |
| KopiLuwak |
| Koredos |
| Korkerds |
| KPortScan |
| KRBanker, Blackmoon |
 | Kronos |
| KSL0T |
| KsRemote |
| Kurton |
| Kwampirs |
| LadonGo |
| Lambert, Plexor |
| Lastacloud |
| LastConn |
| LATCHKEY |
| LATELUNCH |
| LaZagne |
| Lazarus, HIDDEN COBRA RAT/Worm |
| LazyCat |
| lcx |
| Leash |
| LEMONSTICK |
| LEMPO |
| Leo RAT |
| LEOUNCIA, shoco |
| Licat, Murofet |
| liderc |
| LIFEBOAT |
| LIGHTBOLT |
| LightBot |
| LIGHTDART |
| LightNeuron, NETTRANS, XTRANS |
| LightsOut EK |
| lightSpy |
| Lilith RAT, Lilith |
| Limepad |
| LimeRAT |
| Linfo |
| Listrix |
 | LiteDuke |
| lite_more_eggs |
| Little Pig |
| Living off the Land, LOLBins, LOLBAS |
 | Lizar, Tirion, DICELOADER |
| LOADOUT |
| LockBit, ABCD Ransomware, LockBit Black |
| LockerGoga |
 | LockFile |
| LockPOS |
| Locky |
| Loda, Loda RAT, LodaRAT, Nymeria |
| LODEINFO |
| LOGBLEACH |
| Logger Module |
| logon.dll |
| LogPOS |
| logsupport.dll |
| LoJax |
 | LokiBot, Loki, LokiPWS, Loki.Rat, ForeIT |
| LONGRUN |
| LONGWATCH |
| LOWBALL |
| Lowkey, PortReuse |
| LSD |
 | Lslsass |
| Lucky Cat, LuckyCat |
| Luminosity RAT, LuminosityLink |
| LUNCHMONEY |
| Lurk |
| LZ77 |
| Macaw Locker |
| Machete, El Machete |
| Madi |
| Madness PRO DDoS |
| Magecart |
| Magenta Lambert |
| MAGICDROP |
| MagicRAT |
| MagicWeb |
| MailPassView |
| MAILSLOT |
 | Maintools.js |
| MajikPOS |
| MalumPOS |
| ManItsMe |
| MAPIget |
 | Marcher |
| MargulasRAT |
 | MarkiRAT |
| Marlin |
| MATA |
| Matiex |
| Matrix Banker, RediModiUpd |
 | Matryoshka RAT, Matryoshka |
| Maxtrilha |
 | Maze, ChaCha |
| MBR Eraser |
| MBS BTC Stealer |
| Md_client |
 | MechaFlounder |
| Mechanical, GoldStamp |
| MedusaLocker, AKO Doxware, AKO Ransomware, MedusaReborn |
| meek |
| MegaCreep |
| MEGAsync |
| Mekotio, Metamorfo, Casbaneiro |
 | MessageTap |
| METALJACK, denesRAT |
| Metasploit |
| Metasploit Stager |
| Metel |
 | Meterpreter |
| MFC Keyloggers |
| MgBot, BLame, Mgmbot |
| MiamiBeach |
| Microolap Packet Sniffer, TCPDUMP for Windows |
| Micropsia |
| Microcin, Mikroceen |
| MIGLOGCLEANER |
 | Milan, James |
| MILKDROP |
| Milkmaid |
| Milum |
| Mimikatz |
| MINEBRIDGE, MINEBRIDGE RAT, GazGolder |
| MINEDOOR |
| MiniASP |
| MiniDuke |
| MiniWebCmdShell |
| Minzen, XXMM, Wali, ShadowWali, ShadowWalker |
| MirageFox |
| MirrorBlast |
| MirrorStealer |
| Misdat |
| MISTCLOAK |
| MiS-Type |
| Mivast |
| MIXLABEL |
| MKL Pro Keylogger |
| Mobzsar |
| MobileOrder |
| ModPipe |
| ModPOS, straxbot |
 | MoleNet |
| Molerat Loader |
| MoneyTaker |
 | Mongall |
| MoonBounce |
| MOONSHINE |
| MoonWind RAT, MoonWind |
| More_eggs, SpicyOmelette, Terra Loader, SKID |
| Moriya |
| Mosquito |
| Moudoor, SCAR |
| MOVEit Freely |
| MPKBot, MPK |
| MS Exchange Tool |
| msieckc.exe |
| MSFvenom |
| MSUpdater |
| msvcrt58.sqt |
| Mudwater |
| Multigrain, Multigrain POS |
| MultiPipeLoader |
| MumbaiDown |
| MURKYTOP |
| MY24 |
| MyDogs |
| Mydoom, Novarg, Mimail |
| MyKLoadClient |
| MysteryBot |
| MysterySnail RAT, MysterySnail |
| MZCookiesView |
| N1stAgent |
 | NachoCheese, NACHOCHEESE, Cyruslish, TWOPENCE, VIVACIOUSGIFT |
| Naid, Trojan.Naid, Mdmbot.E, AGENT.GUNZ, AGENT.AQUP.DROPPER, AGENT.BMZA, MCRAT.A, AGENT.ABQMR |
| Naikon, XsFunction, Sacto |
| NAILGUN |
| NanHaiShu |
| NanoCore RAT, NanoCore, Nancrat, Zurten, Atros2.CKPN |
| Nautilus |
| NavRAT, JinhoSpy |
| NB65 |
| Nbot, TFC |
 | nbtscan, NBTscan |
| nbtstat |
| NCAT |
| NcFTPPut |
| NDiskMonitor |
 | Nebulae |
| Necurs, nucurs |
| Nefilim, Nephilim |
| Nemim, Nemain |
| Nemty |
| NeoPocket |
| Neptun |
 | Nerex |
 | NestEgg |
| netcat |
| Net Crawler, NetC |
| NetEagle, ScoutEagle, scout, Neteagle_Scout, norton |
| Netero |
| NetExec |
| NetFlash |
| NetHelp Infostealer, NetHelp Striker |
| NetPwdDump |
| NetSess |
| NetSessionEnum |
| NetSupport Manager, NetSupport Manager RAT, NetSupportManager RAT, NetSupport |
| NetTraveler, TravNet, Netfile |
| NetUseEngine |
| Netview |
| NETVulture |
 | NetWalker, MailTo, Koko Ransomware |
| NetWire RC, NetWire RAT, NetWired RC, NetWire, NetWeird, Recam |
| NETWoolger |
| Network Password Recovery |
| Neuron |
| Neutrino, Neutrino Bot, Neutrino Exploit Kit, Kasidet |
| Neutrino POS, Jimmy |
| NewCore RAT |
| NewCT, CT |
| NewCT2 |
| NewPass |
| NewPosThings |
| NewsReels |
| NFlog |
 | Ngrok |
| Nibatad |
 | Nidiran, Backdoor.Nidiran |
| NIGHTJAR |
| NightSky, Night Sky |
| NimbleMamba |
| Nimcy |
| NineBlog |
| Ninja |
| Nishang |
| Niteris EK, CottonCastle |
| NitlovePOS, nitlove |
| njRAT, Bladabindi, Jorik |
| nmap |
| Nokki |
| Non-sucking Service Manager, NSSM |
| NotPetya, EternalPetya, ExPetr, Pnyetya, Petna, Nyetya, NonPetya, nPetya, Petrwrap, Diskcoder.C, GoldenEye |
| NSIS, Nullsoft Scriptable Install System |
| NTDSDump |
| NukeSped |
| Numando |
| Nymaim, nymain |
| ObfuBerry |
| ObfuMerry |
 | ObliqueRAT, Oblique RAT |
 | OceanLotus, OSX_OCEANLOTUS.D, Backdoor.MacOS.OCEANLOTUS.F |
| Oceansalt |
| Octopus |
| OddJob |
| Odinaff |
| OilRig |
 | Okrum |
| OKSOLO |
 | OLDBAIT, Sasfis |
| Olympic Destroyer, SOURGRAPE |
| OnionDuke |
| OopsIE |
| OpBlockBuster |
| OpenDoc |
| OPENSHACKLE |
| OperaPassView |
| OpGhoul |
| Orangeade |
| Orat |
| oRAT |
| ORCSHRED |
| Orcus RAT, Orcus, Schnorchel |
| OS_Check_445 |
 | OSInfo |
| Osiris |
| OutLoader |
| Outlook Backdoor, FACADE |
 | OutSteel |
| OwaAuth, luckyowa |
| Owowa |
| OwlProxy |
 | P8RAT, GreetCake |
| PACMAN |
| PAExec |
| Pagoda |
| Paladin RAT, Paladin |
| Pallas |
 | Pandora |
| PapaCreep |
| Parallax RAT, ParallaxRAT, Parallax |
| P.A.S., PAS, Fobushell |
| Pasam |
| PassKillDisk |
| Pass-The-Hash Toolkit |
| PasswordFox |
| Patao |
 | Pay2Key, Cobalt |
| PayloadBIN |
| pcaudit.bat |
| PCClient |
| PCHUNTER |
 | PCShare |
| PEBBLEDASH |
| Pegasus, Q Suite, Chrysaor, JigglyPuff |
| Penquin Turla |
 | Peppy RAT, Peppy Trojan |
| pgift, ReRol |
| PhanDoor |
| PhantomLance, PWNDROID1, Android.Backdoor.736.origin |
| PhantomNet, SManager |
| Philadelphia, Philadephia Ransom |
| Phishery, Trojan.Phisherly |
| Phoenix, Phoenix Locker |
| PHOREAL, Rizzo |
| PHPMailer |
| PhpSpy |
| PICKPOCKET |
| Pierogi |
| PiggyBack |
| PinchDuke |
| PINEFLOWER, CORRUPT KITTEN |
 | PingPull |
| PinkKite |
| Pink Lambert |
| Pioneer, Virus.Win32.Pioneer.dx, igfxext.exe |
 | PipeMon |
 | Pirpi, SHOTPUT, Badey, EXL, CookieCutter, Backdoor.APT.CookieCutter |
 | Pisloader, Roseam |
| Pitty, PittyTiger RAT |
| PixStealer, BrazKing |
| PLAINTEE |
 | PLEAD, DRAWDOWN, GOODTIMES, Linopid, TSCookie |
| Plink, PuTTY Link |
 | Ploutus, Ploutus ATM, Plotus |
| PluginPhantom |
 | PlugX, Destroy RAT, DestroyRAT, Korplug, Sogu, Kaba, Xamtrav, Agent.dhwf, RedDelta, TIGERPLUG, Thoper, TVT |
| pngdowner |
| PNGLoad |
 | PocoDown, Blitz, PocoDownloader |
| PoisonCarp, INSOMNIA |
 | Poison Ivy, pivy, poisonivy, Gen:Trojan.Heur.PT, Darkmoon, Chymine, SPIVY |
 | Poldat, Zlib, KABOB |
 | PolyglotDuke |
 | Pony, Pony Loader, Siplog, Fareit |
| PoohMilk Loader, PoohMilk |
| POORAIM, Backdoor.APT.POORAIM |
| POPFLASH |
| Port.exe |
| PORTHOLE |
| PortQry |
| PortScan |
| PosCardStealer |
| PoshAdvisor |
| PoshC2 |
| POSHSPY |
| PoSlurp, PUNCHTRACK, PSVC |
| POTROAST |
| POWBAT |
| PowerBand |
| PowerBrace |
| PowerDuke |
| PowerDump |
| Powerkatz |
| PowerLess Backdoor |
| Powermud |
| PowerPepper |
| POWERPIPE |
| POWERPLANT, KillACK |
| POWERPOST |
 | PowerPunch |
| PowerRatankba, QUICKRIDE.POWER |
| PowerShell RAT |
| PowerShellRunner-based RPC backdoor, PowerShellRunner |
 | PowerShower |
| Powersing |
| POWERSOURCE |
| PowerSploit |
| PowerSpritz |
| PowerStallion |
 | POWERSTATS, Valyria |
| PowerTask |
| POWERTON |
| PowerTrick |
| PowerView |
 | PowGoop |
| PowHeartBeat |
| POWRUNER |
| POWSSHNET |
| PRB-Backdoor, prb_backdoor |
| Prikormka |
| Prilex |
| PRIVATELOG |
| ProcDump |
| ProduKey |
 | ProLock, PwndLocker |
| Pro-Ocean |
| Pro POS |
| Protected Storage PassView |
| Protux |
| ProxyBot |
| ProxyChains |
| Proxysvc |
| ProxyT |
| PseudoManuscrypt |
| PsExec |
| psinstrc.ps1 |
| PsiXBot, PsiX |
| PsList |
 | PSLogger, ECCENTRICBANDWAGON |
| Psylo |
| Pteranodon, Pterodo |
| PubFantacy |
| PUBLOAD |
| PunchBuggy, ShellTea, Powersniff |
| Punkey, PunkeyPOS, Punkey POS, pospunk |
| PuppetLoader |
| PupyRAT, Pupy, pupy |
| Purple Lambert |
| PuTTY |
| PVE Find AD Users |
| PVZ-In |
| PVZ-Out, PvzOut |
| pwdump |
| PwnPOS |
| Pyark |
 | PyDCrypt |
| PyFlash |
| Pylot, Travle |
| PyMICROPSIA |
| PythocyDbg |
| PyVil RAT, PyVil |
| PyXie, PyXie RAT |
| Qadars |
 | QakBot, QuakBot, QuackBot, Qbot, PinkSlip, Pinkslipbot, Oakboat |
| QCRat |
| QUADAGENT |
| Quant Loader, QuantLoader |
| QuarkBandit |
| Quarks PwDump |
 | QuasarRAT, Quasar RAT, CinaRAT, Yggdrasil |
| QueenOfClubs, SlothfulMedia |
| QueenOfHearts |
| Quickcafe |
| QUIETEXIT |
 | QuietSieve |
| RADIOSTAR |
 | RagnarLocker, Ragnar Locker |
| Ragnatela, Ragnatela RAT |
| RaidBase |
 | RAINDROP |
| Rambo, brebsd |
| Ramnit, Nimnul |
 | Ramsay |
| Rana |
| Ranbyus |
| RansomBoggs |
| RapidStealer |
| rarstar |
| RARSTONE |
| Raspberry Robin, RaspberryRobin, LINK_MSIEXEC, QNAP-Worm |
 | Ratankba, Ratabanka, QUICKRIDE |
 | RatankbaPOS, RatabankaPOS |
| RatSnif |
 | RawDisk |
| RawPOS, FIENDCRY, DUEBREW, DRIFTWOOD |
 | RCLONE, Rclone |
 | RCSession |
| RCS Galileo |
| RC SHELL |
| Rdasrv |
 | RDAT, GREYSTUFF |
| RDFSNIFFER |
| RDP, Remote Desktop Protocol |
| Recon |
| ReconModule |
| Red Alert, Red Alert 2.0 |
| RedAlpha |
| RedCore |
| RedLeaves, BUGJUICE |
| RedPepper, Adupib |
| RedSalt, Dipsind |
 | RedShawl |
| RedXOR |
| ReflectiveGnome |
 | RegDuke |
| reGeorg |
| Regin, Prax, WarriorPride |
| Remcom, RemoteCommandExecution |
| RemcosRAT, Remcos, Remvio, Socmer |
| Remexi, CACHEMONEY |
| remote-access-c3 |
 | RemoteCMD |
| Remote CMD/PowerShell terminal |
| Remote Control System, RCS, Crisis |
| Remote Desktop PassView |
 | Remsec, Backdoor.Remsec, ProjectSauron |
 | RemShell |
| RemShell Downloader |
 | Remy, Remy RAT, WINDSHIELD |
| Resetter |
| Responder, SpiderLabs Responder |
 | Retefe, Dok, Tsukuba, Werdlod |
| Retefe (Android) |
| Retro |
| RevengeRAT, Revenge RAT, Revenge, Revetrat |
| ReverseRAT |
| ReZer0 |
| RGDoor |
| RICECURRY, Exploit.APT.RICECURRY |
 | Rifdoor |
| Rikamanu |
 | Rising Sun |
| RMS, Remote Manipulator System, Gussdoor |
| Roaming Mantis, MoqHao, XLoader, Wroba |
| RoboSki |
| ROCK, yellowalbatross |
| ROCKBOOT |
| RocketMan |
| RockLoader |
| RogueRobin, RogueRobinNET |
 | RokRAT |
| Roland, Roland RAT |
| Romeos, RomeoCore, Romeo-CoreOne, R-C1 |
| RomeoAlfa, AlphaNC |
| RomeoBravo, BravoNC |
| RomeoCharlie |
| RomeoDelta, DeltaNC |
| RomeoEcho |
| RomeoFoxtrot |
| RomeoGolf |
| RomeoHotel |
| RomeoMike |
| RomeoNovember |
| RomeoWhiskey, Winsec |
| Rook |
| RottenPotato |
| ROUTERSCAN |
| RoyalCli |
| RoyalDNS, Royal DNS |
| RTM, RTM Banker, Redaman |
| RtPOS |
| Rubeus |
| RUHAPPY |
| Ruler |
| RunningRAT, Running RAT, running_rat |
| RURansom |
 | Ryuk |
| S3BROWSER |
| Safe |
| SafetyKatz |
| SAGEHIRE |
| Sagerunex |
| SaintBot, Saint Bot |
| Saitama, Saitama Backdoor |
| Sakabota |
 | Sakula RAT, Sakula, Sakurel, VIPER |
| Salgorea, BadCake |
| Sality, Sector, Kuku, SalLoad, Kookoo, SaliCode, Kukacka |
| SALTLICK |
| SamSam, Samas |
| Samurai |
| Sandboxie |
| SandroRAT |
| Sardonic |
| Sasfis, Oficla |
| Satellite Turla |
| scanbox |
| ScanPOS |
| ScarCruft, StarCruft |
 | Scieron |
| Scotch |
| Scote |
| SCRAPMINT |
| ScreenCap |
| Screenshotter |
| sctrls |
 | SDBbot |
| SDelete |
 | SeaDuke, SeaDaddy, SeaDesk, SeaDask |
| Seasalt |
| SEAWEED |
| SecHack |
| SecreetsDump |
| Secure FTP Client |
| Secure Socket Funneling, SSF |
| Sedkit |
| SeDLL |
| Sedreco, AZZY, EVILTOSS, ADVSTORESHELL, NETUI |
| Separ |
| Sepulcher |
| SerialVlogger |
| Serveo |
| ServHelper |
| SessionGopher |
| ShadowHammer, DAYJOB |
| ShadowNet |
| ShadowPad Winnti, POISONPLUG.SHADOW, XShellGhost |
| ShadyRAT |
| SHAPESHIFT |
 | shareip, remotecmd |
 | Shark |
| SharkBot |
| SHARPEXT |
| SharpHound |
| SHARPKNOT, Bitrep |
| Sharp-SMBExec |
| SharpSploit |
 | SharpStage |
 | SHARPSTATS |
| SharpView |
| SharPyShell |
| SheepRAT |
| ShellClient |
| SHELLSWEEP |
| Shifu |
 | ShimRAT, Shim RAT |
| Shipshape |
| Shootback |
| SHORTBENCH |
| SHUTTERSPEED |
| Shylock, Caphaw |
 | Sibot |
 | SideTwist |
| SideWalk, ScrambleCross |
| SierraAlfa |
| SierraCharlie |
| SIGTRANslator |
| Silence, Silence.Downloader, TrueBot |
| SilentCMD |
| Silent Night |
| SILENTUPLOADER |
 | SilkBean |
| SilverHawk |
| Silver Lambert |
| Sima |
| Sinowal, Anserin, Mebroot, Quarian, Theola, Torpig |
| sip_telephone |
| Sisfader, Sisfader RAT |
| Sisron |
| SIXPACK |
| SkeletonKeyInjector |
| SkiBoot |
| Skimer |
| SkinnyBoy |
| Skip-2.0 |
| Skipper, Kotel |
| SLAPSTICK |
| sLoad, StarsLord |
| SLICKSHOES |
| Slingshot |
 | Sliver |
| SLOWDRIFT |
| SLOWROLL |
| SLRat |
| SLUB |
| SMBExec |
| Smbmap |
| smbscan |
| smbtool |
| SMBTouch |
| SMBTrap |
| Smoke Loader, SmokeLoader, Smoke, Dofoil, Sharik |
| SmsSpy |
| Snatch |
| Sneepy, ByeByeShell |
| SniffPass |
| SnifLite |
| SNUGRIDE |
 | Snugy |
| SocksBot, BIRDDOG, Nadrac |
 | SocGholish, FAKEUPDATES, FakeUpdate |
 | SodaMaster, DelfsCake, dfls, DARKTOWN, HEAVYPOT |
 | Sodinokibi, Sodin, REvil |
| SodomMain, SodomMain RAT |
| SodomNormal |
| SoftEther VPN |
| SoftPerfect Network Scanner |
| Sojax |
| SOLOSHRED |
 | SombRAT |
 | SoreFang |
| Sorgu |
| Soraya |
 | SOUNDBITE, Denis |
| SOUNDWAVE |
| S.O.V.A. |
| Spaceship |
 | Spark |
| SPARKLOG |
| SparrowDoor, FamousSparrow |
| Speculoos |
| Spedear |
| Spindest, Backdoor.Apocalipto |
| SPINOFF |
| SPINNER |
| SPOONBEARD |
| spwebmember |
| Spyder |
| SpyEye |
| SpyNote RAT, SpyNote |
| SpyWaller |
| sqllauncher.dll |
| sqlmap |
| SQLRAT |
| SScan |
| SSHMinion |
| SslMM |
| SSLove RAT |
| StarLoader |
| StarsyPound |
| STASHLOG |
| Stealer |
| StealthFalcon |
| Stealth Mango |
| STEELCORGI |
| STEELHOUND |
| StickyFingers, QUICKBALL |
| StoneDrill, DROPSHOT |
| StreamEx |
 | StrifeWater, StrifeWater RAT |
 | StrongPity |
| StrongPity2 |
| StrongPity3 |
| STSRCheck |
| Stunnel |
 | Stuxnet, W32.Stuxnet |
| S-Type |
| Subbrute |
| Sublist3r |
| SubtractThis |
| SUCEFUL |
| SUN4ME |
| SunBird |
 | SUNBURST, Solorigate |
| SunCrypt |
 | SUNSPOT |
 | SUPERNOVA |
| SVCMONDR |
| SWEARJAR |
| SWEETCANDLE |
| swissknife2 |
| Sword |
| Sykipot, Getkys, Wkysol |
| Symatic Loader |
| SymonLoader |
| SynFlooder |
| Sys10 |
 | Syscon, SYSCON, Sanny |
| SystemBC, Coroxy |
| SysGet, HelloBridge |
| SysInternals |
| SysKit, IvizTech, MANGOPUNCH |
| Sysmain |
 | SysUpdate, FOCUSFJORD, HyperSSL, Soldier |
| TABBYCAT |
| TabMsgSQL, LETSGO |
| Tafacalou |
| Taidoor, simbot |
 | TAINTEDSCRIBE |
| TAMECAT |
| Tapaoux |
| Tarsip |
| Taurus Loader, Taurus Builder, Taurus Builder Kit |
| TcpBridge |
| TCP Port Scanner |
| Tcp_transfer |
| Tdrop |
| Tdrop2 |
| TDTESS |
| TeaBot, Anatsa, Toddler, ReBot |
| TeamSpy, TVSpy, TVRAT, SpY-Agent, TeamViewerENT |
| TeamViewer |
 | TEARDROP |
| TechnoCreep |
| TeleBot |
| TeleDoor |
| Tempting Cedar Spyware, TemptingCedar Spyware |
| TERA |
| Termite |
| Terracotta VPN |
| TerraCrypt, PureLocker |
| TerraPreter |
| TerraRecon, Taurus Loader Reconnaissance Module |
| TerraStealer, Taurus Loader Stealer Module, StealerOne, SONE |
| TerraTV, Taurus Loader TeamViewer Module |
| TerraWiper |
| TeslaGun |
| TFlower |
| THC Hydra |
| THOR |
 | ThreatNeedle |
| ThreatKit |
| THREEBYTE |
| ThreeDollars |
| TidePool |
| TIDYELF |
| TigerRAT, Tiger RAT |
| Tinba, Tiny Banker, TinyBanker, Tina, Illi, Zusy |
| TinyCryptor |
| TinyLoader |
| TinyMet, TiniMet |
| TinyNode |
| TinyNuke, NukeBot, Nuclear Bot, MicroBankingTrojan, Xbot |
| TinyPOS |
| TinyPosh |
| Tiny SHell, tsh |
 | TinyTurla |
| TINYTYPHON |
| TinyZBot |
| Titan |
| Titanium |
| TManger, LuckyBack |
| Tofu Backdoor |
 | Tomiris |
| TOM-Skype |
| TONEDEAF |
| TONEDEAF 2.0 |
| TONEINS |
| TONESHELL |
| Tonnerre |
| Topinambour |
| Torn RAT |
 | TrailBlazer |
| TreasureHunter, TREASUREHUNT, huntpos |
| TrickBot, Trickster, The Trick, TheTrick, Totbrick, TrickLoader, TSPY_TRICKLOAD |
 | TrickMo |
| TRIPLEFANTASY |
 | Triton, TRITON, Trisis, TRISIS, HatMan |
| TriFive |
| Trochilus RAT |
| Troy |
| Truvasys |
| TTCalc |
| Tunnus |
 | Turian |
| TurlaChopper |
| TURNEDUP, Notestuk |
| TwoFace, Minion, HighShell, HyperShell, SEASHARPEE |
| TypeConfig, SafeDisk |
| TYPEFRAME |
| Tyupkin, Padpin |
| UDPoS |
| UltraVNC |
| UNITEDRAKE |
 | Unknown Logger |
| Upatre |
| updater.mod |
| UPDATESEE |
| UpDocX |
| UPXShell |
| URLZone, Bebloh, Shiotob |
| Uroburos, Urouros, Turla, Snake |
| USBCulprit |
| UsbDoc |
| UsbExe |
 | USBferry |
 | USBStealer, Win32/USBStealer, USB Stealer |
| USBWorm |
| Vadokrist |
 | Valak, Valek |
| ValeforBeta |
| VALUEVAULT |
| VAMP, android.micropsia |
 | Vasport |
| Vatet |
 | Vawtrak, Catch, grabnew, NeverQuest |
| VBREVSHELL |
 | VBShower |
| Vcrodat |
| Veil |
| VenomKit |
| VenomLNK |
| VHD, VHD Ransomware |
 | ViceLeaker, Triout |
| VIDAR |
| VIDEOKILLER |
| VileRAT |
| VINETHORN |
| Violet Lambert |
| Viper |
 | ViperRAT, Viper RAT |
| Vizom |
| Vjw0rm, Vengeance Justice Worm |
| Vminst |
| VNC, Virtual Network Computing |
| Voice Massege.apk |
| Volgmer, Manuscrypt |
| VolatileVenom |
| VPNFilter |
| VSingle |
| vSkimmer |
| Vyveva |
| w32times |
| Wadhrama |
| Waizsar RAT |
 | WannaCry, WannaCrypt, WannaCryptor, Wcry, WanaCry, WanaCrypt, WanaCrypt0r, Wana Decrypt0r |
| WARP |
| WARPRISM |
 | Warzone RAT, Warzone |
| WastedLoader |
 | WastedLocker |
| WaterSpout |
| WbBot |
| WebBrowserPassView |
| WebC2, WebC2-AdSpace, WebC2-Ausov, WebC2-Bolid, WebC2-Cson, WebC2-DIV, WebC2-GreenCat, WebC2-Head, WebC2-Kt3, WebC2-Qbp, WebC2-Rave, WebC2-Table, WebC2-UGX, WebC2-Yahoo |
| Webmask |
 | WellMail |
 | WellMess, elf.wellmess |
| WHEATSCAN |
| Whisky |
 | WhisperGate, WhisperKill, PAYWIPE |
| WhiteAtlas |
| Whitebird |
| White Lambert |
 | Wiarp |
| WIDETONE |
| Wii |
 | Windows Credentials Editor, Windows Credential Editor, WCE |
 | WindTail |
| WINERACK |
 | Winexe |
 | Wingbird |
| WINGCRACK |
| WINGHOOK |
| WinIDS |
| WinMM |
| WINNKIT |
| Winnti, BleDoor, RbDoor, RibDoor |
| WinPot, ATMPot |
| WinRAR |
| WinSCP |
| Winsloader |
| WINTERLOVE |
| WinZip |
| WIPERIGHT |
| WITCHCOVEN |
| WmiExec |
| WMI Ghost, Wimmie, Syndicasec |
| WndTest |
 | WolfRAT, W1_RAT |
 | Wormhole |
| Wpscan |
| WSCSPL |
| WSO, Webshell by Orb |
 | X-Agent, Xagent, Popr-d30, SPLM, CHOPSTICK, fysbis, Backdoor.SofacyX, webhp |
| Xbash |
| XBOT-POS, XBot POS |
| XBOW |
| XDDown |
| xDll |
| XDOOR, X-Door |
| XDList |
| XDLoc |
| XDMonitor |
| XDPass |
| XDRecon |
| XDUpload |
| Xenomorph |
| xfs-disp.exe |
| XMRig |
| xPack, NERAPACK |
| xRAT |
| XServer, Filesnfer |
| XSLCmd |
| xsPlus, xsControl, nokian |
| XtremeRAT, Xtreme RAT, ExtRat |
 | X-Tunnel, XTunnel, Shunnael, Trojan.Shunnael, XAPS |
 | Yahoyah, W32/Seeav |
| YamaBot, Kaos |
 | Yispecter, ZxxZ |
| Yort |
| yty, Jaca |
| ZAP |
| Zebrocy, Zekapab |
| ZeGhost, BackDoor-FBZT!52D84425CDF2, Trojan.Win32.Staser.ytq, Win32/Zegost.BW |
| ZE Loader |
| ZeroCleare |
| ZeroT |
| Zeus, ZeuS, Zbot, Trojan.Zbot, Wsnpoem, Gorhax, Kneber |
| Zeus OpenSSL, Zeus Sphinx, XSphinx |
| Zeus Panda, ZeusPanda, PandaBanker |
| ZeusPOS |
| ZeusVM, VM Zeus, VMzeus, Zberp |
| zhCat |
| zhMimikatz |
| ZitMo, ZeuS-in-the-Mobile |
| zl4vq.sqt |
| ZLoader, Terdot, DELoader |
| ZooPark |
 | ZoxRPC, Gresim |
| XPCTRA, Expectra |
| ZPP |
| Z*Stealer, ZStealer |
| ZUMKONG |
| Zupdax |
| zwShell |
| ZXPortMap |
| ZXShell, Sensocode |