CINXE.COM
Astaroth, Software S0373 | MITRE ATT&CK®
<!DOCTYPE html> <html lang='en'> <head> <script async src="https://www.googletagmanager.com/gtag/js?id=UA-62667723-1"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-62667723-1'); </script> <meta name="google-site-verification" content="2oJKLqNN62z6AOCb0A0IXGtbQuj-lev5YPAHFF_cbHQ"/> <meta charset='utf-8'> <meta name='viewport' content='width=device-width, initial-scale=1, shrink-to-fit=no'> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <link rel='shortcut icon' href="/versions/v9/theme/favicon.ico" type='image/x-icon'> <title>Astaroth, Software S0373 | MITRE ATT&CK®</title> <!-- Bootstrap CSS --> <link rel='stylesheet' href="/versions/v9/theme/style/bootstrap.min.css" /> <link rel='stylesheet' href="/versions/v9/theme/style/bootstrap-glyphicon.min.css" /> <link rel='stylesheet' href="/versions/v9/theme/style/bootstrap-tourist.css" /> <link rel="stylesheet" type="text/css" href="/versions/v9/theme/style.min.css?426cc53a"> </head> <body> <!--stopindex--> <header> <nav class='navbar navbar-expand-lg navbar-dark fixed-top'> <a class='navbar-brand' href="/versions/v9/"><img src="/versions/v9/theme/images/mitre_attack_logo.png" class="attack-logo"></a> <button class='navbar-toggler' type='button' data-toggle='collapse' data-target='#navbarCollapse' aria-controls='navbarCollapse' aria-expanded='false' aria-label='Toggle navigation'> <span class='navbar-toggler-icon'></span> </button> <div class='collapse navbar-collapse' id='navbarCollapse'> <ul class='nav nav-tabs ml-auto'> <li class="nav-item"> <a href="/versions/v9/matrices/" class="nav-link" ><b>Matrices</b></a> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v9/tactics/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Tactics</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v9/tactics/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v9/tactics/mobile/">Mobile</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v9/techniques/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Techniques</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v9/techniques/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v9/techniques/mobile/">Mobile</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v9/mitigations/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Mitigations</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v9/mitigations/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v9/mitigations/mobile/">Mobile</a> </div> </li> <li class="nav-item"> <a href="/versions/v9/groups" class="nav-link" ><b>Groups</b></a> </li> <li class="nav-item"> <a href="/versions/v9/software/" class="nav-link" ><b>Software</b></a> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v9/resources/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Resources</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v9/resources/">General Information</a> <a class="dropdown-item" href="/versions/v9/resources/getting-started/">Getting Started</a> <a class="dropdown-item" href="/versions/v9/resources/training/">Training</a> <a class="dropdown-item" href="/versions/v9/resources/attackcon/">ATT&CKcon</a> <a class="dropdown-item" href="/versions/v9/resources/working-with-attack/">Working with ATT&CK</a> <a class="dropdown-item" href="/versions/v9/resources/faq/">FAQ</a> <a class="dropdown-item" href="/resources/updates/">Updates</a> <a class="dropdown-item" href="/resources/versions/">Versions of ATT&CK</a> <a class="dropdown-item" href="/versions/v9/resources/related-projects/">Related Projects</a> </div> </li> <li class="nav-item"> <a href="https://medium.com/mitre-attack/" target="_blank" class="nav-link"> <b>Blog</b> <img src="/versions/v9/theme/images/external-site.svg" alt="External site" class="external-icon" /> </a> </li> <li class="nav-item"> <a href="/versions/v9/resources/contribute/" class="nav-link" ><b>Contribute</b></a> </li> <li class="nav-item"> <button id="search-button" class="btn search-button">Search <div class="search-icon"></div></button> </li> </ul> </div> </nav> </header> <!-- don't edit or remove the line below even though it's commented out, it gets parsed and replaced by the versioning feature --> <div class="container-fluid version-banner"><div class="icon-inline baseline mr-1"><img src="/versions/v9/theme/images/icon-warning-24px.svg"></div>Currently viewing <a href="https://github.com/mitre/cti/releases/tag/ATT%26CK-v9.0" target="_blank">ATT&CK v9.0</a> which was live between April 29, 2021 and October 20, 2021. <a href="/resources/versions/">Learn more about the versioning system</a> or <a href="/">see the live site</a>.</div> <div id='content' class="maincontent"> <!--start-indexing-for-search--> <div class='container-fluid h-100'> <div class='row h-100'> <div class="nav flex-column col-xl-2 col-lg-3 col-md-3 sidebar nav pt-5 pb-3 pl-3 border-right" id="v-tab" role="tablist" aria-orientation="vertical"> <!--stop-indexing-for-search--> <div class="group-nav-desktop-view"> <span class="heading" id="v-home-tab" aria-selected="false">SOFTWARE</span> <div class="sidenav"> <div class="sidenav-head" id="0-0"> <a href="/versions/v9/software/"> Overview </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="3PARA RAT-3PARA RAT"> <a href="/versions/v9/software/S0066/"> 3PARA RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4H RAT-4H RAT"> <a href="/versions/v9/software/S0065/"> 4H RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ABK-ABK"> <a href="/versions/v9/software/S0469/"> ABK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="adbupd-adbupd"> <a href="/versions/v9/software/S0202/"> adbupd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="AdFind-AdFind"> <a href="/versions/v9/software/S0552/"> AdFind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Adups-Adups"> <a href="/versions/v9/software/S0309/"> Adups </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ADVSTORESHELL-ADVSTORESHELL"> <a href="/versions/v9/software/S0045/"> ADVSTORESHELL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Agent Smith-Agent Smith"> <a href="/versions/v9/software/S0440/"> Agent Smith </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Agent Tesla-Agent Tesla"> <a href="/versions/v9/software/S0331/"> Agent Tesla </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Agent.btz-Agent.btz"> <a href="/versions/v9/software/S0092/"> Agent.btz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Allwinner-Allwinner"> <a href="/versions/v9/software/S0319/"> Allwinner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Anchor-Anchor"> <a href="/versions/v9/software/S0504/"> Anchor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Android/AdDisplay.Ashas-Android/AdDisplay.Ashas"> <a href="/versions/v9/software/S0525/"> Android/AdDisplay.Ashas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Android/Chuli.A-Android/Chuli.A"> <a href="/versions/v9/software/S0304/"> Android/Chuli.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="AndroidOS/MalLocker.B-AndroidOS/MalLocker.B"> <a href="/versions/v9/software/S0524/"> AndroidOS/MalLocker.B </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ANDROIDOS_ANSERVER.A-ANDROIDOS_ANSERVER.A"> <a href="/versions/v9/software/S0310/"> ANDROIDOS_ANSERVER.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="AndroRAT-AndroRAT"> <a href="/versions/v9/software/S0292/"> AndroRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Anubis-Anubis"> <a href="/versions/v9/software/S0422/"> Anubis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="AppleJeus-AppleJeus"> <a href="/versions/v9/software/S0584/"> AppleJeus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Aria-body-Aria-body"> <a href="/versions/v9/software/S0456/"> Aria-body </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Arp-Arp"> <a href="/versions/v9/software/S0099/"> Arp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Asacub-Asacub"> <a href="/versions/v9/software/S0540/"> Asacub </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ASPXSpy-ASPXSpy"> <a href="/versions/v9/software/S0073/"> ASPXSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head active" id="Astaroth-Astaroth"> <a href="/versions/v9/software/S0373/"> Astaroth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="at-at"> <a href="/versions/v9/software/S0110/"> at </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Attor-Attor"> <a href="/versions/v9/software/S0438/"> Attor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="AuditCred-AuditCred"> <a href="/versions/v9/software/S0347/"> AuditCred </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="AutoIt backdoor-AutoIt backdoor"> <a href="/versions/v9/software/S0129/"> AutoIt backdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Avenger-Avenger"> <a href="/versions/v9/software/S0473/"> Avenger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Azorult-Azorult"> <a href="/versions/v9/software/S0344/"> Azorult </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BabyShark-BabyShark"> <a href="/versions/v9/software/S0414/"> BabyShark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BackConfig-BackConfig"> <a href="/versions/v9/software/S0475/"> BackConfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Backdoor.Oldrea-Backdoor.Oldrea"> <a href="/versions/v9/software/S0093/"> Backdoor.Oldrea </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BACKSPACE-BACKSPACE"> <a href="/versions/v9/software/S0031/"> BACKSPACE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BADCALL-BADCALL"> <a href="/versions/v9/software/S0245/"> BADCALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BADNEWS-BADNEWS"> <a href="/versions/v9/software/S0128/"> BADNEWS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BadPatch-BadPatch"> <a href="/versions/v9/software/S0337/"> BadPatch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bandook-Bandook"> <a href="/versions/v9/software/S0234/"> Bandook </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bankshot-Bankshot"> <a href="/versions/v9/software/S0239/"> Bankshot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bazar-Bazar"> <a href="/versions/v9/software/S0534/"> Bazar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BBK-BBK"> <a href="/versions/v9/software/S0470/"> BBK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BBSRAT-BBSRAT"> <a href="/versions/v9/software/S0127/"> BBSRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BendyBear-BendyBear"> <a href="/versions/v9/software/S0574/"> BendyBear </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BISCUIT-BISCUIT"> <a href="/versions/v9/software/S0017/"> BISCUIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bisonal-Bisonal"> <a href="/versions/v9/software/S0268/"> Bisonal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BitPaymer-BitPaymer"> <a href="/versions/v9/software/S0570/"> BitPaymer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BITSAdmin-BITSAdmin"> <a href="/versions/v9/software/S0190/"> BITSAdmin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BLACKCOFFEE-BLACKCOFFEE"> <a href="/versions/v9/software/S0069/"> BLACKCOFFEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BlackEnergy-BlackEnergy"> <a href="/versions/v9/software/S0089/"> BlackEnergy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BlackMould-BlackMould"> <a href="/versions/v9/software/S0564/"> BlackMould </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BLINDINGCAN-BLINDINGCAN"> <a href="/versions/v9/software/S0520/"> BLINDINGCAN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BloodHound-BloodHound"> <a href="/versions/v9/software/S0521/"> BloodHound </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bonadan-Bonadan"> <a href="/versions/v9/software/S0486/"> Bonadan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BONDUPDATER-BONDUPDATER"> <a href="/versions/v9/software/S0360/"> BONDUPDATER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BOOSTWRITE-BOOSTWRITE"> <a href="/versions/v9/software/S0415/"> BOOSTWRITE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BOOTRASH-BOOTRASH"> <a href="/versions/v9/software/S0114/"> BOOTRASH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BrainTest-BrainTest"> <a href="/versions/v9/software/S0293/"> BrainTest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Brave Prince-Brave Prince"> <a href="/versions/v9/software/S0252/"> Brave Prince </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bread-Bread"> <a href="/versions/v9/software/S0432/"> Bread </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Briba-Briba"> <a href="/versions/v9/software/S0204/"> Briba </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BS2005-BS2005"> <a href="/versions/v9/software/S0014/"> BS2005 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="BUBBLEWRAP-BUBBLEWRAP"> <a href="/versions/v9/software/S0043/"> BUBBLEWRAP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="build_downer-build_downer"> <a href="/versions/v9/software/S0471/"> build_downer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Bundlore-Bundlore"> <a href="/versions/v9/software/S0482/"> Bundlore </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cachedump-Cachedump"> <a href="/versions/v9/software/S0119/"> Cachedump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cadelspy-Cadelspy"> <a href="/versions/v9/software/S0454/"> Cadelspy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CALENDAR-CALENDAR"> <a href="/versions/v9/software/S0025/"> CALENDAR </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Calisto-Calisto"> <a href="/versions/v9/software/S0274/"> Calisto </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CallMe-CallMe"> <a href="/versions/v9/software/S0077/"> CallMe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cannon-Cannon"> <a href="/versions/v9/software/S0351/"> Cannon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Carbanak-Carbanak"> <a href="/versions/v9/software/S0030/"> Carbanak </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Carberp-Carberp"> <a href="/versions/v9/software/S0484/"> Carberp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Carbon-Carbon"> <a href="/versions/v9/software/S0335/"> Carbon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CarbonSteal-CarbonSteal"> <a href="/versions/v9/software/S0529/"> CarbonSteal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cardinal RAT-Cardinal RAT"> <a href="/versions/v9/software/S0348/"> Cardinal RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CARROTBALL-CARROTBALL"> <a href="/versions/v9/software/S0465/"> CARROTBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CARROTBAT-CARROTBAT"> <a href="/versions/v9/software/S0462/"> CARROTBAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Catchamas-Catchamas"> <a href="/versions/v9/software/S0261/"> Catchamas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Caterpillar WebShell-Caterpillar WebShell"> <a href="/versions/v9/software/S0572/"> Caterpillar WebShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CCBkdr-CCBkdr"> <a href="/versions/v9/software/S0222/"> CCBkdr </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cerberus-Cerberus"> <a href="/versions/v9/software/S0480/"> Cerberus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="certutil-certutil"> <a href="/versions/v9/software/S0160/"> certutil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Chaos-Chaos"> <a href="/versions/v9/software/S0220/"> Chaos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Charger-Charger"> <a href="/versions/v9/software/S0323/"> Charger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ChChes-ChChes"> <a href="/versions/v9/software/S0144/"> ChChes </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CHEMISTGAMES-CHEMISTGAMES"> <a href="/versions/v9/software/S0555/"> CHEMISTGAMES </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cherry Picker-Cherry Picker"> <a href="/versions/v9/software/S0107/"> Cherry Picker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="China Chopper-China Chopper"> <a href="/versions/v9/software/S0020/"> China Chopper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CHOPSTICK-CHOPSTICK"> <a href="/versions/v9/software/S0023/"> CHOPSTICK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Circles-Circles"> <a href="/versions/v9/software/S0602/"> Circles </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CloudDuke-CloudDuke"> <a href="/versions/v9/software/S0054/"> CloudDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="cmd-cmd"> <a href="/versions/v9/software/S0106/"> cmd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cobalt Strike-Cobalt Strike"> <a href="/versions/v9/software/S0154/"> Cobalt Strike </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cobian RAT-Cobian RAT"> <a href="/versions/v9/software/S0338/"> Cobian RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CoinTicker-CoinTicker"> <a href="/versions/v9/software/S0369/"> CoinTicker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Comnie-Comnie"> <a href="/versions/v9/software/S0244/"> Comnie </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ComRAT-ComRAT"> <a href="/versions/v9/software/S0126/"> ComRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Concipit1248-Concipit1248"> <a href="/versions/v9/software/S0426/"> Concipit1248 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ConnectWise-ConnectWise"> <a href="/versions/v9/software/S0591/"> ConnectWise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Conti-Conti"> <a href="/versions/v9/software/S0575/"> Conti </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CookieMiner-CookieMiner"> <a href="/versions/v9/software/S0492/"> CookieMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CORALDECK-CORALDECK"> <a href="/versions/v9/software/S0212/"> CORALDECK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CORESHELL-CORESHELL"> <a href="/versions/v9/software/S0137/"> CORESHELL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Corona Updates-Corona Updates"> <a href="/versions/v9/software/S0425/"> Corona Updates </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CosmicDuke-CosmicDuke"> <a href="/versions/v9/software/S0050/"> CosmicDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CozyCar-CozyCar"> <a href="/versions/v9/software/S0046/"> CozyCar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CrackMapExec-CrackMapExec"> <a href="/versions/v9/software/S0488/"> CrackMapExec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Crimson-Crimson"> <a href="/versions/v9/software/S0115/"> Crimson </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CrossRAT-CrossRAT"> <a href="/versions/v9/software/S0235/"> CrossRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Crutch-Crutch"> <a href="/versions/v9/software/S0538/"> Crutch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Cryptoistic-Cryptoistic"> <a href="/versions/v9/software/S0498/"> Cryptoistic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="CSPY Downloader-CSPY Downloader"> <a href="/versions/v9/software/S0527/"> CSPY Downloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dacls-Dacls"> <a href="/versions/v9/software/S0497/"> Dacls </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DarkComet-DarkComet"> <a href="/versions/v9/software/S0334/"> DarkComet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Daserf-Daserf"> <a href="/versions/v9/software/S0187/"> Daserf </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DDKONG-DDKONG"> <a href="/versions/v9/software/S0255/"> DDKONG </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DealersChoice-DealersChoice"> <a href="/versions/v9/software/S0243/"> DealersChoice </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DEFENSOR ID-DEFENSOR ID"> <a href="/versions/v9/software/S0479/"> DEFENSOR ID </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dendroid-Dendroid"> <a href="/versions/v9/software/S0301/"> Dendroid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Denis-Denis"> <a href="/versions/v9/software/S0354/"> Denis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Derusbi-Derusbi"> <a href="/versions/v9/software/S0021/"> Derusbi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Desert Scorpion-Desert Scorpion"> <a href="/versions/v9/software/S0505/"> Desert Scorpion </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dipsind-Dipsind"> <a href="/versions/v9/software/S0200/"> Dipsind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DOGCALL-DOGCALL"> <a href="/versions/v9/software/S0213/"> DOGCALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dok-Dok"> <a href="/versions/v9/software/S0281/"> Dok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Doki-Doki"> <a href="/versions/v9/software/S0600/"> Doki </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DoubleAgent-DoubleAgent"> <a href="/versions/v9/software/S0550/"> DoubleAgent </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="down_new-down_new"> <a href="/versions/v9/software/S0472/"> down_new </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Downdelph-Downdelph"> <a href="/versions/v9/software/S0134/"> Downdelph </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DownPaper-DownPaper"> <a href="/versions/v9/software/S0186/"> DownPaper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DressCode-DressCode"> <a href="/versions/v9/software/S0300/"> DressCode </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dridex-Dridex"> <a href="/versions/v9/software/S0384/"> Dridex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DroidJack-DroidJack"> <a href="/versions/v9/software/S0320/"> DroidJack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DropBook-DropBook"> <a href="/versions/v9/software/S0547/"> DropBook </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Drovorub-Drovorub"> <a href="/versions/v9/software/S0502/"> Drovorub </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="dsquery-dsquery"> <a href="/versions/v9/software/S0105/"> dsquery </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dtrack-Dtrack"> <a href="/versions/v9/software/S0567/"> Dtrack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DualToy-DualToy"> <a href="/versions/v9/software/S0315/"> DualToy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Duqu-Duqu"> <a href="/versions/v9/software/S0038/"> Duqu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="DustySky-DustySky"> <a href="/versions/v9/software/S0062/"> DustySky </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dvmap-Dvmap"> <a href="/versions/v9/software/S0420/"> Dvmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Dyre-Dyre"> <a href="/versions/v9/software/S0024/"> Dyre </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ebury-Ebury"> <a href="/versions/v9/software/S0377/"> Ebury </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ECCENTRICBANDWAGON-ECCENTRICBANDWAGON"> <a href="/versions/v9/software/S0593/"> ECCENTRICBANDWAGON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Egregor-Egregor"> <a href="/versions/v9/software/S0554/"> Egregor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Elise-Elise"> <a href="/versions/v9/software/S0081/"> Elise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ELMER-ELMER"> <a href="/versions/v9/software/S0064/"> ELMER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Emissary-Emissary"> <a href="/versions/v9/software/S0082/"> Emissary </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Emotet-Emotet"> <a href="/versions/v9/software/S0367/"> Emotet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Empire-Empire"> <a href="/versions/v9/software/S0363/"> Empire </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Epic-Epic"> <a href="/versions/v9/software/S0091/"> Epic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="esentutl-esentutl"> <a href="/versions/v9/software/S0404/"> esentutl </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="eSurv-eSurv"> <a href="/versions/v9/software/S0507/"> eSurv </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="EventBot-EventBot"> <a href="/versions/v9/software/S0478/"> EventBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="EvilBunny-EvilBunny"> <a href="/versions/v9/software/S0396/"> EvilBunny </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="EvilGrab-EvilGrab"> <a href="/versions/v9/software/S0152/"> EvilGrab </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="EVILNUM-EVILNUM"> <a href="/versions/v9/software/S0568/"> EVILNUM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Exaramel for Linux-Exaramel for Linux"> <a href="/versions/v9/software/S0401/"> Exaramel for Linux </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Exaramel for Windows-Exaramel for Windows"> <a href="/versions/v9/software/S0343/"> Exaramel for Windows </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Exobot-Exobot"> <a href="/versions/v9/software/S0522/"> Exobot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Exodus-Exodus"> <a href="/versions/v9/software/S0405/"> Exodus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Expand-Expand"> <a href="/versions/v9/software/S0361/"> Expand </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Explosive-Explosive"> <a href="/versions/v9/software/S0569/"> Explosive </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FakeM-FakeM"> <a href="/versions/v9/software/S0076/"> FakeM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FakeSpy-FakeSpy"> <a href="/versions/v9/software/S0509/"> FakeSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FALLCHILL-FALLCHILL"> <a href="/versions/v9/software/S0181/"> FALLCHILL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FatDuke-FatDuke"> <a href="/versions/v9/software/S0512/"> FatDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Felismus-Felismus"> <a href="/versions/v9/software/S0171/"> Felismus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FELIXROOT-FELIXROOT"> <a href="/versions/v9/software/S0267/"> FELIXROOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Fgdump-Fgdump"> <a href="/versions/v9/software/S0120/"> Fgdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Final1stspy-Final1stspy"> <a href="/versions/v9/software/S0355/"> Final1stspy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FinFisher-FinFisher"> <a href="/versions/v9/software/S0182/"> FinFisher </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Flame-Flame"> <a href="/versions/v9/software/S0143/"> Flame </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FLASHFLOOD-FLASHFLOOD"> <a href="/versions/v9/software/S0036/"> FLASHFLOOD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FlawedAmmyy-FlawedAmmyy"> <a href="/versions/v9/software/S0381/"> FlawedAmmyy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FlawedGrace-FlawedGrace"> <a href="/versions/v9/software/S0383/"> FlawedGrace </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FlexiSpy-FlexiSpy"> <a href="/versions/v9/software/S0408/"> FlexiSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FLIPSIDE-FLIPSIDE"> <a href="/versions/v9/software/S0173/"> FLIPSIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Forfiles-Forfiles"> <a href="/versions/v9/software/S0193/"> Forfiles </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FrameworkPOS-FrameworkPOS"> <a href="/versions/v9/software/S0503/"> FrameworkPOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FrozenCell-FrozenCell"> <a href="/versions/v9/software/S0577/"> FrozenCell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FruitFly-FruitFly"> <a href="/versions/v9/software/S0277/"> FruitFly </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="FTP-FTP"> <a href="/versions/v9/software/S0095/"> FTP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Fysbis-Fysbis"> <a href="/versions/v9/software/S0410/"> Fysbis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Gazer-Gazer"> <a href="/versions/v9/software/S0168/"> Gazer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GeminiDuke-GeminiDuke"> <a href="/versions/v9/software/S0049/"> GeminiDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Get2-Get2"> <a href="/versions/v9/software/S0460/"> Get2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="gh0st RAT-gh0st RAT"> <a href="/versions/v9/software/S0032/"> gh0st RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ginp-Ginp"> <a href="/versions/v9/software/S0423/"> Ginp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GLOOXMAIL-GLOOXMAIL"> <a href="/versions/v9/software/S0026/"> GLOOXMAIL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Gold Dragon-Gold Dragon"> <a href="/versions/v9/software/S0249/"> Gold Dragon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Golden Cup-Golden Cup"> <a href="/versions/v9/software/S0535/"> Golden Cup </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GoldenEagle-GoldenEagle"> <a href="/versions/v9/software/S0551/"> GoldenEagle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GoldenSpy-GoldenSpy"> <a href="/versions/v9/software/S0493/"> GoldenSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GoldFinder-GoldFinder"> <a href="/versions/v9/software/S0597/"> GoldFinder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GoldMax-GoldMax"> <a href="/versions/v9/software/S0588/"> GoldMax </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GolfSpy-GolfSpy"> <a href="/versions/v9/software/S0421/"> GolfSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Gooligan-Gooligan"> <a href="/versions/v9/software/S0290/"> Gooligan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Goopy-Goopy"> <a href="/versions/v9/software/S0477/"> Goopy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GPlayed-GPlayed"> <a href="/versions/v9/software/S0536/"> GPlayed </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Grandoreiro-Grandoreiro"> <a href="/versions/v9/software/S0531/"> Grandoreiro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GravityRAT-GravityRAT"> <a href="/versions/v9/software/S0237/"> GravityRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GreyEnergy-GreyEnergy"> <a href="/versions/v9/software/S0342/"> GreyEnergy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GRIFFON-GRIFFON"> <a href="/versions/v9/software/S0417/"> GRIFFON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="gsecdump-gsecdump"> <a href="/versions/v9/software/S0008/"> gsecdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="GuLoader-GuLoader"> <a href="/versions/v9/software/S0561/"> GuLoader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Gustuff-Gustuff"> <a href="/versions/v9/software/S0406/"> Gustuff </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="H1N1-H1N1"> <a href="/versions/v9/software/S0132/"> H1N1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Hacking Team UEFI Rootkit-Hacking Team UEFI Rootkit"> <a href="/versions/v9/software/S0047/"> Hacking Team UEFI Rootkit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HALFBAKED-HALFBAKED"> <a href="/versions/v9/software/S0151/"> HALFBAKED </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HAMMERTOSS-HAMMERTOSS"> <a href="/versions/v9/software/S0037/"> HAMMERTOSS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Hancitor-Hancitor"> <a href="/versions/v9/software/S0499/"> Hancitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HAPPYWORK-HAPPYWORK"> <a href="/versions/v9/software/S0214/"> HAPPYWORK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HARDRAIN-HARDRAIN"> <a href="/versions/v9/software/S0246/"> HARDRAIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Havij-Havij"> <a href="/versions/v9/software/S0224/"> Havij </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HAWKBALL-HAWKBALL"> <a href="/versions/v9/software/S0391/"> HAWKBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="hcdLoader-hcdLoader"> <a href="/versions/v9/software/S0071/"> hcdLoader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HDoor-HDoor"> <a href="/versions/v9/software/S0061/"> HDoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Helminth-Helminth"> <a href="/versions/v9/software/S0170/"> Helminth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HenBox-HenBox"> <a href="/versions/v9/software/S0544/"> HenBox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Hi-Zor-Hi-Zor"> <a href="/versions/v9/software/S0087/"> Hi-Zor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HiddenWasp-HiddenWasp"> <a href="/versions/v9/software/S0394/"> HiddenWasp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HIDEDRV-HIDEDRV"> <a href="/versions/v9/software/S0135/"> HIDEDRV </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Hikit-Hikit"> <a href="/versions/v9/software/S0009/"> Hikit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Hildegard-Hildegard"> <a href="/versions/v9/software/S0601/"> Hildegard </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HOMEFRY-HOMEFRY"> <a href="/versions/v9/software/S0232/"> HOMEFRY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HOPLIGHT-HOPLIGHT"> <a href="/versions/v9/software/S0376/"> HOPLIGHT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HotCroissant-HotCroissant"> <a href="/versions/v9/software/S0431/"> HotCroissant </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HTRAN-HTRAN"> <a href="/versions/v9/software/S0040/"> HTRAN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HTTPBrowser-HTTPBrowser"> <a href="/versions/v9/software/S0070/"> HTTPBrowser </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="httpclient-httpclient"> <a href="/versions/v9/software/S0068/"> httpclient </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HummingBad-HummingBad"> <a href="/versions/v9/software/S0322/"> HummingBad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HummingWhale-HummingWhale"> <a href="/versions/v9/software/S0321/"> HummingWhale </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Hydraq-Hydraq"> <a href="/versions/v9/software/S0203/"> Hydraq </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HyperBro-HyperBro"> <a href="/versions/v9/software/S0398/"> HyperBro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="HyperStack-HyperStack"> <a href="/versions/v9/software/S0537/"> HyperStack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="IcedID-IcedID"> <a href="/versions/v9/software/S0483/"> IcedID </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ifconfig-ifconfig"> <a href="/versions/v9/software/S0101/"> ifconfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="iKitten-iKitten"> <a href="/versions/v9/software/S0278/"> iKitten </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Imminent Monitor-Imminent Monitor"> <a href="/versions/v9/software/S0434/"> Imminent Monitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Impacket-Impacket"> <a href="/versions/v9/software/S0357/"> Impacket </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="InnaputRAT-InnaputRAT"> <a href="/versions/v9/software/S0259/"> InnaputRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="INSOMNIA-INSOMNIA"> <a href="/versions/v9/software/S0463/"> INSOMNIA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="InvisiMole-InvisiMole"> <a href="/versions/v9/software/S0260/"> InvisiMole </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Invoke-PSImage-Invoke-PSImage"> <a href="/versions/v9/software/S0231/"> Invoke-PSImage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ipconfig-ipconfig"> <a href="/versions/v9/software/S0100/"> ipconfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="IronNetInjector-IronNetInjector"> <a href="/versions/v9/software/S0581/"> IronNetInjector </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ISMInjector-ISMInjector"> <a href="/versions/v9/software/S0189/"> ISMInjector </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ixeshe-Ixeshe"> <a href="/versions/v9/software/S0015/"> Ixeshe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Janicab-Janicab"> <a href="/versions/v9/software/S0163/"> Janicab </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Javali-Javali"> <a href="/versions/v9/software/S0528/"> Javali </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="JCry-JCry"> <a href="/versions/v9/software/S0389/"> JCry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="JHUHUGIT-JHUHUGIT"> <a href="/versions/v9/software/S0044/"> JHUHUGIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="JPIN-JPIN"> <a href="/versions/v9/software/S0201/"> JPIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="jRAT-jRAT"> <a href="/versions/v9/software/S0283/"> jRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Judy-Judy"> <a href="/versions/v9/software/S0325/"> Judy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KARAE-KARAE"> <a href="/versions/v9/software/S0215/"> KARAE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kasidet-Kasidet"> <a href="/versions/v9/software/S0088/"> Kasidet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kazuar-Kazuar"> <a href="/versions/v9/software/S0265/"> Kazuar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kerrdown-Kerrdown"> <a href="/versions/v9/software/S0585/"> Kerrdown </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kessel-Kessel"> <a href="/versions/v9/software/S0487/"> Kessel </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KeyBoy-KeyBoy"> <a href="/versions/v9/software/S0387/"> KeyBoy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Keydnap-Keydnap"> <a href="/versions/v9/software/S0276/"> Keydnap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KEYMARBLE-KEYMARBLE"> <a href="/versions/v9/software/S0271/"> KEYMARBLE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KeyRaider-KeyRaider"> <a href="/versions/v9/software/S0288/"> KeyRaider </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KGH_SPY-KGH_SPY"> <a href="/versions/v9/software/S0526/"> KGH_SPY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kinsing-Kinsing"> <a href="/versions/v9/software/S0599/"> Kinsing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kivars-Kivars"> <a href="/versions/v9/software/S0437/"> Kivars </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Koadic-Koadic"> <a href="/versions/v9/software/S0250/"> Koadic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Komplex-Komplex"> <a href="/versions/v9/software/S0162/"> Komplex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KOMPROGO-KOMPROGO"> <a href="/versions/v9/software/S0156/"> KOMPROGO </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="KONNI-KONNI"> <a href="/versions/v9/software/S0356/"> KONNI </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Kwampirs-Kwampirs"> <a href="/versions/v9/software/S0236/"> Kwampirs </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LaZagne-LaZagne"> <a href="/versions/v9/software/S0349/"> LaZagne </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LightNeuron-LightNeuron"> <a href="/versions/v9/software/S0395/"> LightNeuron </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Linfo-Linfo"> <a href="/versions/v9/software/S0211/"> Linfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Linux Rabbit-Linux Rabbit"> <a href="/versions/v9/software/S0362/"> Linux Rabbit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LockerGoga-LockerGoga"> <a href="/versions/v9/software/S0372/"> LockerGoga </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LoJax-LoJax"> <a href="/versions/v9/software/S0397/"> LoJax </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Lokibot-Lokibot"> <a href="/versions/v9/software/S0447/"> Lokibot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LookBack-LookBack"> <a href="/versions/v9/software/S0582/"> LookBack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LoudMiner-LoudMiner"> <a href="/versions/v9/software/S0451/"> LoudMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="LOWBALL-LOWBALL"> <a href="/versions/v9/software/S0042/"> LOWBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Lslsass-Lslsass"> <a href="/versions/v9/software/S0121/"> Lslsass </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Lucifer-Lucifer"> <a href="/versions/v9/software/S0532/"> Lucifer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Lurid-Lurid"> <a href="/versions/v9/software/S0010/"> Lurid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Machete-Machete"> <a href="/versions/v9/software/S0409/"> Machete </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MacSpy-MacSpy"> <a href="/versions/v9/software/S0282/"> MacSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MailSniper-MailSniper"> <a href="/versions/v9/software/S0413/"> MailSniper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Mandrake-Mandrake"> <a href="/versions/v9/software/S0485/"> Mandrake </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Marcher-Marcher"> <a href="/versions/v9/software/S0317/"> Marcher </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Matryoshka-Matryoshka"> <a href="/versions/v9/software/S0167/"> Matryoshka </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MazarBOT-MazarBOT"> <a href="/versions/v9/software/S0303/"> MazarBOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Maze-Maze"> <a href="/versions/v9/software/S0449/"> Maze </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MCMD-MCMD"> <a href="/versions/v9/software/S0500/"> MCMD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MechaFlounder-MechaFlounder"> <a href="/versions/v9/software/S0459/"> MechaFlounder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="meek-meek"> <a href="/versions/v9/software/S0175/"> meek </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MegaCortex-MegaCortex"> <a href="/versions/v9/software/S0576/"> MegaCortex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Melcoz-Melcoz"> <a href="/versions/v9/software/S0530/"> Melcoz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MESSAGETAP-MESSAGETAP"> <a href="/versions/v9/software/S0443/"> MESSAGETAP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Metamorfo-Metamorfo"> <a href="/versions/v9/software/S0455/"> Metamorfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Micropsia-Micropsia"> <a href="/versions/v9/software/S0339/"> Micropsia </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Mimikatz-Mimikatz"> <a href="/versions/v9/software/S0002/"> Mimikatz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MimiPenguin-MimiPenguin"> <a href="/versions/v9/software/S0179/"> MimiPenguin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Miner-C-Miner-C"> <a href="/versions/v9/software/S0133/"> Miner-C </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MiniDuke-MiniDuke"> <a href="/versions/v9/software/S0051/"> MiniDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MirageFox-MirageFox"> <a href="/versions/v9/software/S0280/"> MirageFox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Mis-Type-Mis-Type"> <a href="/versions/v9/software/S0084/"> Mis-Type </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Misdat-Misdat"> <a href="/versions/v9/software/S0083/"> Misdat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Mivast-Mivast"> <a href="/versions/v9/software/S0080/"> Mivast </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MobileOrder-MobileOrder"> <a href="/versions/v9/software/S0079/"> MobileOrder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MoleNet-MoleNet"> <a href="/versions/v9/software/S0553/"> MoleNet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Monokle-Monokle"> <a href="/versions/v9/software/S0407/"> Monokle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MoonWind-MoonWind"> <a href="/versions/v9/software/S0149/"> MoonWind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="More_eggs-More_eggs"> <a href="/versions/v9/software/S0284/"> More_eggs </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Mosquito-Mosquito"> <a href="/versions/v9/software/S0256/"> Mosquito </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="MURKYTOP-MURKYTOP"> <a href="/versions/v9/software/S0233/"> MURKYTOP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Naid-Naid"> <a href="/versions/v9/software/S0205/"> Naid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NanHaiShu-NanHaiShu"> <a href="/versions/v9/software/S0228/"> NanHaiShu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NanoCore-NanoCore"> <a href="/versions/v9/software/S0336/"> NanoCore </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NavRAT-NavRAT"> <a href="/versions/v9/software/S0247/"> NavRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NBTscan-NBTscan"> <a href="/versions/v9/software/S0590/"> NBTscan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="nbtstat-nbtstat"> <a href="/versions/v9/software/S0102/"> nbtstat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NDiskMonitor-NDiskMonitor"> <a href="/versions/v9/software/S0272/"> NDiskMonitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Nerex-Nerex"> <a href="/versions/v9/software/S0210/"> Nerex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Net-Net"> <a href="/versions/v9/software/S0039/"> Net </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Net Crawler-Net Crawler"> <a href="/versions/v9/software/S0056/"> Net Crawler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NETEAGLE-NETEAGLE"> <a href="/versions/v9/software/S0034/"> NETEAGLE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="netsh-netsh"> <a href="/versions/v9/software/S0108/"> netsh </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="netstat-netstat"> <a href="/versions/v9/software/S0104/"> netstat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NetTraveler-NetTraveler"> <a href="/versions/v9/software/S0033/"> NetTraveler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Netwalker-Netwalker"> <a href="/versions/v9/software/S0457/"> Netwalker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NETWIRE-NETWIRE"> <a href="/versions/v9/software/S0198/"> NETWIRE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ngrok-Ngrok"> <a href="/versions/v9/software/S0508/"> Ngrok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Nidiran-Nidiran"> <a href="/versions/v9/software/S0118/"> Nidiran </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="njRAT-njRAT"> <a href="/versions/v9/software/S0385/"> njRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Nltest-Nltest"> <a href="/versions/v9/software/S0359/"> Nltest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NOKKI-NOKKI"> <a href="/versions/v9/software/S0353/"> NOKKI </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NotCompatible-NotCompatible"> <a href="/versions/v9/software/S0299/"> NotCompatible </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="NotPetya-NotPetya"> <a href="/versions/v9/software/S0368/"> NotPetya </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OBAD-OBAD"> <a href="/versions/v9/software/S0286/"> OBAD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OceanSalt-OceanSalt"> <a href="/versions/v9/software/S0346/"> OceanSalt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Octopus-Octopus"> <a href="/versions/v9/software/S0340/"> Octopus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Okrum-Okrum"> <a href="/versions/v9/software/S0439/"> Okrum </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OLDBAIT-OLDBAIT"> <a href="/versions/v9/software/S0138/"> OLDBAIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OldBoot-OldBoot"> <a href="/versions/v9/software/S0285/"> OldBoot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Olympic Destroyer-Olympic Destroyer"> <a href="/versions/v9/software/S0365/"> Olympic Destroyer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OnionDuke-OnionDuke"> <a href="/versions/v9/software/S0052/"> OnionDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OopsIE-OopsIE"> <a href="/versions/v9/software/S0264/"> OopsIE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Orz-Orz"> <a href="/versions/v9/software/S0229/"> Orz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OSInfo-OSInfo"> <a href="/versions/v9/software/S0165/"> OSInfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OSX/Shlayer-OSX/Shlayer"> <a href="/versions/v9/software/S0402/"> OSX/Shlayer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OSX_OCEANLOTUS.D-OSX_OCEANLOTUS.D"> <a href="/versions/v9/software/S0352/"> OSX_OCEANLOTUS.D </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Out1-Out1"> <a href="/versions/v9/software/S0594/"> Out1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="OwaAuth-OwaAuth"> <a href="/versions/v9/software/S0072/"> OwaAuth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="P.A.S. Webshell-P.A.S. Webshell"> <a href="/versions/v9/software/S0598/"> P.A.S. Webshell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="P2P ZeuS-P2P ZeuS"> <a href="/versions/v9/software/S0016/"> P2P ZeuS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pallas-Pallas"> <a href="/versions/v9/software/S0399/"> Pallas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pasam-Pasam"> <a href="/versions/v9/software/S0208/"> Pasam </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pass-The-Hash Toolkit-Pass-The-Hash Toolkit"> <a href="/versions/v9/software/S0122/"> Pass-The-Hash Toolkit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pay2Key-Pay2Key"> <a href="/versions/v9/software/S0556/"> Pay2Key </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pegasus for Android-Pegasus for Android"> <a href="/versions/v9/software/S0316/"> Pegasus for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pegasus for iOS-Pegasus for iOS"> <a href="/versions/v9/software/S0289/"> Pegasus for iOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Penquin-Penquin"> <a href="/versions/v9/software/S0587/"> Penquin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PHOREAL-PHOREAL"> <a href="/versions/v9/software/S0158/"> PHOREAL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pillowmint-Pillowmint"> <a href="/versions/v9/software/S0517/"> Pillowmint </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PinchDuke-PinchDuke"> <a href="/versions/v9/software/S0048/"> PinchDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ping-Ping"> <a href="/versions/v9/software/S0097/"> Ping </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PipeMon-PipeMon"> <a href="/versions/v9/software/S0501/"> PipeMon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pisloader-Pisloader"> <a href="/versions/v9/software/S0124/"> Pisloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PJApps-PJApps"> <a href="/versions/v9/software/S0291/"> PJApps </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PLAINTEE-PLAINTEE"> <a href="/versions/v9/software/S0254/"> PLAINTEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PLEAD-PLEAD"> <a href="/versions/v9/software/S0435/"> PLEAD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PlugX-PlugX"> <a href="/versions/v9/software/S0013/"> PlugX </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="pngdowner-pngdowner"> <a href="/versions/v9/software/S0067/"> pngdowner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PoetRAT-PoetRAT"> <a href="/versions/v9/software/S0428/"> PoetRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PoisonIvy-PoisonIvy"> <a href="/versions/v9/software/S0012/"> PoisonIvy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PolyglotDuke-PolyglotDuke"> <a href="/versions/v9/software/S0518/"> PolyglotDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pony-Pony"> <a href="/versions/v9/software/S0453/"> Pony </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="POORAIM-POORAIM"> <a href="/versions/v9/software/S0216/"> POORAIM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PoshC2-PoshC2"> <a href="/versions/v9/software/S0378/"> PoshC2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="POSHSPY-POSHSPY"> <a href="/versions/v9/software/S0150/"> POSHSPY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Power Loader-Power Loader"> <a href="/versions/v9/software/S0177/"> Power Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PowerDuke-PowerDuke"> <a href="/versions/v9/software/S0139/"> PowerDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PowerShower-PowerShower"> <a href="/versions/v9/software/S0441/"> PowerShower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="POWERSOURCE-POWERSOURCE"> <a href="/versions/v9/software/S0145/"> POWERSOURCE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PowerSploit-PowerSploit"> <a href="/versions/v9/software/S0194/"> PowerSploit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PowerStallion-PowerStallion"> <a href="/versions/v9/software/S0393/"> PowerStallion </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="POWERSTATS-POWERSTATS"> <a href="/versions/v9/software/S0223/"> POWERSTATS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="POWERTON-POWERTON"> <a href="/versions/v9/software/S0371/"> POWERTON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="POWRUNER-POWRUNER"> <a href="/versions/v9/software/S0184/"> POWRUNER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Prikormka-Prikormka"> <a href="/versions/v9/software/S0113/"> Prikormka </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Proton-Proton"> <a href="/versions/v9/software/S0279/"> Proton </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Proxysvc-Proxysvc"> <a href="/versions/v9/software/S0238/"> Proxysvc </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PsExec-PsExec"> <a href="/versions/v9/software/S0029/"> PsExec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Psylo-Psylo"> <a href="/versions/v9/software/S0078/"> Psylo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pteranodon-Pteranodon"> <a href="/versions/v9/software/S0147/"> Pteranodon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PUNCHBUGGY-PUNCHBUGGY"> <a href="/versions/v9/software/S0196/"> PUNCHBUGGY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="PUNCHTRACK-PUNCHTRACK"> <a href="/versions/v9/software/S0197/"> PUNCHTRACK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pupy-Pupy"> <a href="/versions/v9/software/S0192/"> Pupy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="pwdump-pwdump"> <a href="/versions/v9/software/S0006/"> pwdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Pysa-Pysa"> <a href="/versions/v9/software/S0583/"> Pysa </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="QUADAGENT-QUADAGENT"> <a href="/versions/v9/software/S0269/"> QUADAGENT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="QuasarRAT-QuasarRAT"> <a href="/versions/v9/software/S0262/"> QuasarRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ragnar Locker-Ragnar Locker"> <a href="/versions/v9/software/S0481/"> Ragnar Locker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Raindrop-Raindrop"> <a href="/versions/v9/software/S0565/"> Raindrop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ramsay-Ramsay"> <a href="/versions/v9/software/S0458/"> Ramsay </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RARSTONE-RARSTONE"> <a href="/versions/v9/software/S0055/"> RARSTONE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RATANKBA-RATANKBA"> <a href="/versions/v9/software/S0241/"> RATANKBA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RawDisk-RawDisk"> <a href="/versions/v9/software/S0364/"> RawDisk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RawPOS-RawPOS"> <a href="/versions/v9/software/S0169/"> RawPOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RCSAndroid-RCSAndroid"> <a href="/versions/v9/software/S0295/"> RCSAndroid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RDAT-RDAT"> <a href="/versions/v9/software/S0495/"> RDAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RDFSNIFFER-RDFSNIFFER"> <a href="/versions/v9/software/S0416/"> RDFSNIFFER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Reaver-Reaver"> <a href="/versions/v9/software/S0172/"> Reaver </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Red Alert 2.0-Red Alert 2.0"> <a href="/versions/v9/software/S0539/"> Red Alert 2.0 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RedDrop-RedDrop"> <a href="/versions/v9/software/S0326/"> RedDrop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RedLeaves-RedLeaves"> <a href="/versions/v9/software/S0153/"> RedLeaves </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Reg-Reg"> <a href="/versions/v9/software/S0075/"> Reg </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RegDuke-RegDuke"> <a href="/versions/v9/software/S0511/"> RegDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Regin-Regin"> <a href="/versions/v9/software/S0019/"> Regin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Remcos-Remcos"> <a href="/versions/v9/software/S0332/"> Remcos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Remexi-Remexi"> <a href="/versions/v9/software/S0375/"> Remexi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RemoteCMD-RemoteCMD"> <a href="/versions/v9/software/S0166/"> RemoteCMD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RemoteUtilities-RemoteUtilities"> <a href="/versions/v9/software/S0592/"> RemoteUtilities </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Remsec-Remsec"> <a href="/versions/v9/software/S0125/"> Remsec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Responder-Responder"> <a href="/versions/v9/software/S0174/"> Responder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Revenge RAT-Revenge RAT"> <a href="/versions/v9/software/S0379/"> Revenge RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="REvil-REvil"> <a href="/versions/v9/software/S0496/"> REvil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RGDoor-RGDoor"> <a href="/versions/v9/software/S0258/"> RGDoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Rifdoor-Rifdoor"> <a href="/versions/v9/software/S0433/"> Rifdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Riltok-Riltok"> <a href="/versions/v9/software/S0403/"> Riltok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RIPTIDE-RIPTIDE"> <a href="/versions/v9/software/S0003/"> RIPTIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Rising Sun-Rising Sun"> <a href="/versions/v9/software/S0448/"> Rising Sun </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RobbinHood-RobbinHood"> <a href="/versions/v9/software/S0400/"> RobbinHood </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ROCKBOOT-ROCKBOOT"> <a href="/versions/v9/software/S0112/"> ROCKBOOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RogueRobin-RogueRobin"> <a href="/versions/v9/software/S0270/"> RogueRobin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ROKRAT-ROKRAT"> <a href="/versions/v9/software/S0240/"> ROKRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Rotexy-Rotexy"> <a href="/versions/v9/software/S0411/"> Rotexy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="route-route"> <a href="/versions/v9/software/S0103/"> route </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Rover-Rover"> <a href="/versions/v9/software/S0090/"> Rover </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RTM-RTM"> <a href="/versions/v9/software/S0148/"> RTM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ruler-Ruler"> <a href="/versions/v9/software/S0358/"> Ruler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RuMMS-RuMMS"> <a href="/versions/v9/software/S0313/"> RuMMS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="RunningRAT-RunningRAT"> <a href="/versions/v9/software/S0253/"> RunningRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ryuk-Ryuk"> <a href="/versions/v9/software/S0446/"> Ryuk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="S-Type-S-Type"> <a href="/versions/v9/software/S0085/"> S-Type </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Sakula-Sakula"> <a href="/versions/v9/software/S0074/"> Sakula </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SamSam-SamSam"> <a href="/versions/v9/software/S0370/"> SamSam </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="schtasks-schtasks"> <a href="/versions/v9/software/S0111/"> schtasks </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SDBbot-SDBbot"> <a href="/versions/v9/software/S0461/"> SDBbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SDelete-SDelete"> <a href="/versions/v9/software/S0195/"> SDelete </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SeaDuke-SeaDuke"> <a href="/versions/v9/software/S0053/"> SeaDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Seasalt-Seasalt"> <a href="/versions/v9/software/S0345/"> Seasalt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SEASHARPEE-SEASHARPEE"> <a href="/versions/v9/software/S0185/"> SEASHARPEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ServHelper-ServHelper"> <a href="/versions/v9/software/S0382/"> ServHelper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ShadowPad-ShadowPad"> <a href="/versions/v9/software/S0596/"> ShadowPad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Shamoon-Shamoon"> <a href="/versions/v9/software/S0140/"> Shamoon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SharpStage-SharpStage"> <a href="/versions/v9/software/S0546/"> SharpStage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SHARPSTATS-SHARPSTATS"> <a href="/versions/v9/software/S0450/"> SHARPSTATS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ShiftyBug-ShiftyBug"> <a href="/versions/v9/software/S0294/"> ShiftyBug </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ShimRat-ShimRat"> <a href="/versions/v9/software/S0444/"> ShimRat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ShimRatReporter-ShimRatReporter"> <a href="/versions/v9/software/S0445/"> ShimRatReporter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SHIPSHAPE-SHIPSHAPE"> <a href="/versions/v9/software/S0028/"> SHIPSHAPE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SHOTPUT-SHOTPUT"> <a href="/versions/v9/software/S0063/"> SHOTPUT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SHUTTERSPEED-SHUTTERSPEED"> <a href="/versions/v9/software/S0217/"> SHUTTERSPEED </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Sibot-Sibot"> <a href="/versions/v9/software/S0589/"> Sibot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SilkBean-SilkBean"> <a href="/versions/v9/software/S0549/"> SilkBean </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SimBad-SimBad"> <a href="/versions/v9/software/S0419/"> SimBad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Skeleton Key-Skeleton Key"> <a href="/versions/v9/software/S0007/"> Skeleton Key </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Skidmap-Skidmap"> <a href="/versions/v9/software/S0468/"> Skidmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Skygofree-Skygofree"> <a href="/versions/v9/software/S0327/"> Skygofree </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SLOTHFULMEDIA-SLOTHFULMEDIA"> <a href="/versions/v9/software/S0533/"> SLOTHFULMEDIA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SLOWDRIFT-SLOWDRIFT"> <a href="/versions/v9/software/S0218/"> SLOWDRIFT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Smoke Loader-Smoke Loader"> <a href="/versions/v9/software/S0226/"> Smoke Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SNUGRIDE-SNUGRIDE"> <a href="/versions/v9/software/S0159/"> SNUGRIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Socksbot-Socksbot"> <a href="/versions/v9/software/S0273/"> Socksbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SoreFang-SoreFang"> <a href="/versions/v9/software/S0516/"> SoreFang </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SOUNDBITE-SOUNDBITE"> <a href="/versions/v9/software/S0157/"> SOUNDBITE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SPACESHIP-SPACESHIP"> <a href="/versions/v9/software/S0035/"> SPACESHIP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Spark-Spark"> <a href="/versions/v9/software/S0543/"> Spark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SpeakUp-SpeakUp"> <a href="/versions/v9/software/S0374/"> SpeakUp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="spwebmember-spwebmember"> <a href="/versions/v9/software/S0227/"> spwebmember </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SpyDealer-SpyDealer"> <a href="/versions/v9/software/S0324/"> SpyDealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SpyNote RAT-SpyNote RAT"> <a href="/versions/v9/software/S0305/"> SpyNote RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="sqlmap-sqlmap"> <a href="/versions/v9/software/S0225/"> sqlmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SQLRat-SQLRat"> <a href="/versions/v9/software/S0390/"> SQLRat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SslMM-SslMM"> <a href="/versions/v9/software/S0058/"> SslMM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Starloader-Starloader"> <a href="/versions/v9/software/S0188/"> Starloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Stealth Mango-Stealth Mango"> <a href="/versions/v9/software/S0328/"> Stealth Mango </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="StoneDrill-StoneDrill"> <a href="/versions/v9/software/S0380/"> StoneDrill </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="StreamEx-StreamEx"> <a href="/versions/v9/software/S0142/"> StreamEx </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="StrongPity-StrongPity"> <a href="/versions/v9/software/S0491/"> StrongPity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SUNBURST-SUNBURST"> <a href="/versions/v9/software/S0559/"> SUNBURST </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SUNSPOT-SUNSPOT"> <a href="/versions/v9/software/S0562/"> SUNSPOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SUPERNOVA-SUPERNOVA"> <a href="/versions/v9/software/S0578/"> SUPERNOVA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Sykipot-Sykipot"> <a href="/versions/v9/software/S0018/"> Sykipot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SynAck-SynAck"> <a href="/versions/v9/software/S0242/"> SynAck </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SYNful Knock-SYNful Knock"> <a href="/versions/v9/software/S0519/"> SYNful Knock </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Sys10-Sys10"> <a href="/versions/v9/software/S0060/"> Sys10 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="SYSCON-SYSCON"> <a href="/versions/v9/software/S0464/"> SYSCON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Systeminfo-Systeminfo"> <a href="/versions/v9/software/S0096/"> Systeminfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="T9000-T9000"> <a href="/versions/v9/software/S0098/"> T9000 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Taidoor-Taidoor"> <a href="/versions/v9/software/S0011/"> Taidoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TAINTEDSCRIBE-TAINTEDSCRIBE"> <a href="/versions/v9/software/S0586/"> TAINTEDSCRIBE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TajMahal-TajMahal"> <a href="/versions/v9/software/S0467/"> TajMahal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Tangelo-Tangelo"> <a href="/versions/v9/software/S0329/"> Tangelo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Tasklist-Tasklist"> <a href="/versions/v9/software/S0057/"> Tasklist </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TDTESS-TDTESS"> <a href="/versions/v9/software/S0164/"> TDTESS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TEARDROP-TEARDROP"> <a href="/versions/v9/software/S0560/"> TEARDROP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TERRACOTTA-TERRACOTTA"> <a href="/versions/v9/software/S0545/"> TERRACOTTA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TEXTMATE-TEXTMATE"> <a href="/versions/v9/software/S0146/"> TEXTMATE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ThiefQuest-ThiefQuest"> <a href="/versions/v9/software/S0595/"> ThiefQuest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Tiktok Pro-Tiktok Pro"> <a href="/versions/v9/software/S0558/"> Tiktok Pro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TINYTYPHON-TINYTYPHON"> <a href="/versions/v9/software/S0131/"> TINYTYPHON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TinyZBot-TinyZBot"> <a href="/versions/v9/software/S0004/"> TinyZBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Tor-Tor"> <a href="/versions/v9/software/S0183/"> Tor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Triada-Triada"> <a href="/versions/v9/software/S0424/"> Triada </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TrickBot-TrickBot"> <a href="/versions/v9/software/S0266/"> TrickBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TrickMo-TrickMo"> <a href="/versions/v9/software/S0427/"> TrickMo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Trojan-SMS.AndroidOS.Agent.ao-Trojan-SMS.AndroidOS.Agent.ao"> <a href="/versions/v9/software/S0307/"> Trojan-SMS.AndroidOS.Agent.ao </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Trojan-SMS.AndroidOS.FakeInst.a-Trojan-SMS.AndroidOS.FakeInst.a"> <a href="/versions/v9/software/S0306/"> Trojan-SMS.AndroidOS.FakeInst.a </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Trojan-SMS.AndroidOS.OpFake.a-Trojan-SMS.AndroidOS.OpFake.a"> <a href="/versions/v9/software/S0308/"> Trojan-SMS.AndroidOS.OpFake.a </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Trojan.Karagany-Trojan.Karagany"> <a href="/versions/v9/software/S0094/"> Trojan.Karagany </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Trojan.Mebromi-Trojan.Mebromi"> <a href="/versions/v9/software/S0001/"> Trojan.Mebromi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Truvasys-Truvasys"> <a href="/versions/v9/software/S0178/"> Truvasys </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TSCookie-TSCookie"> <a href="/versions/v9/software/S0436/"> TSCookie </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TURNEDUP-TURNEDUP"> <a href="/versions/v9/software/S0199/"> TURNEDUP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Twitoor-Twitoor"> <a href="/versions/v9/software/S0302/"> Twitoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="TYPEFRAME-TYPEFRAME"> <a href="/versions/v9/software/S0263/"> TYPEFRAME </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="UACMe-UACMe"> <a href="/versions/v9/software/S0116/"> UACMe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="UBoatRAT-UBoatRAT"> <a href="/versions/v9/software/S0333/"> UBoatRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Umbreon-Umbreon"> <a href="/versions/v9/software/S0221/"> Umbreon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Unknown Logger-Unknown Logger"> <a href="/versions/v9/software/S0130/"> Unknown Logger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="UPPERCUT-UPPERCUT"> <a href="/versions/v9/software/S0275/"> UPPERCUT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Uroburos-Uroburos"> <a href="/versions/v9/software/S0022/"> Uroburos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Ursnif-Ursnif"> <a href="/versions/v9/software/S0386/"> Ursnif </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="USBferry-USBferry"> <a href="/versions/v9/software/S0452/"> USBferry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="USBStealer-USBStealer"> <a href="/versions/v9/software/S0136/"> USBStealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Valak-Valak"> <a href="/versions/v9/software/S0476/"> Valak </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Vasport-Vasport"> <a href="/versions/v9/software/S0207/"> Vasport </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="VBShower-VBShower"> <a href="/versions/v9/software/S0442/"> VBShower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="VERMIN-VERMIN"> <a href="/versions/v9/software/S0257/"> VERMIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ViceLeaker-ViceLeaker"> <a href="/versions/v9/software/S0418/"> ViceLeaker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ViperRAT-ViperRAT"> <a href="/versions/v9/software/S0506/"> ViperRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Volgmer-Volgmer"> <a href="/versions/v9/software/S0180/"> Volgmer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WannaCry-WannaCry"> <a href="/versions/v9/software/S0366/"> WannaCry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Waterbear-Waterbear"> <a href="/versions/v9/software/S0579/"> Waterbear </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WEBC2-WEBC2"> <a href="/versions/v9/software/S0109/"> WEBC2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WellMail-WellMail"> <a href="/versions/v9/software/S0515/"> WellMail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WellMess-WellMess"> <a href="/versions/v9/software/S0514/"> WellMess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Wiarp-Wiarp"> <a href="/versions/v9/software/S0206/"> Wiarp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Windows Credential Editor-Windows Credential Editor"> <a href="/versions/v9/software/S0005/"> Windows Credential Editor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WINDSHIELD-WINDSHIELD"> <a href="/versions/v9/software/S0155/"> WINDSHIELD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WindTail-WindTail"> <a href="/versions/v9/software/S0466/"> WindTail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WINERACK-WINERACK"> <a href="/versions/v9/software/S0219/"> WINERACK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Winexe-Winexe"> <a href="/versions/v9/software/S0191/"> Winexe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Wingbird-Wingbird"> <a href="/versions/v9/software/S0176/"> Wingbird </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WinMM-WinMM"> <a href="/versions/v9/software/S0059/"> WinMM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Winnti for Linux-Winnti for Linux"> <a href="/versions/v9/software/S0430/"> Winnti for Linux </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Winnti for Windows-Winnti for Windows"> <a href="/versions/v9/software/S0141/"> Winnti for Windows </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Wiper-Wiper"> <a href="/versions/v9/software/S0041/"> Wiper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WireLurker-WireLurker"> <a href="/versions/v9/software/S0312/"> WireLurker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="WolfRAT-WolfRAT"> <a href="/versions/v9/software/S0489/"> WolfRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="X-Agent for Android-X-Agent for Android"> <a href="/versions/v9/software/S0314/"> X-Agent for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="XAgentOSX-XAgentOSX"> <a href="/versions/v9/software/S0161/"> XAgentOSX </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Xbash-Xbash"> <a href="/versions/v9/software/S0341/"> Xbash </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Xbot-Xbot"> <a href="/versions/v9/software/S0298/"> Xbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="xCmd-xCmd"> <a href="/versions/v9/software/S0123/"> xCmd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="XcodeGhost-XcodeGhost"> <a href="/versions/v9/software/S0297/"> XcodeGhost </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="XLoader for Android-XLoader for Android"> <a href="/versions/v9/software/S0318/"> XLoader for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="XLoader for iOS-XLoader for iOS"> <a href="/versions/v9/software/S0490/"> XLoader for iOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="XTunnel-XTunnel"> <a href="/versions/v9/software/S0117/"> XTunnel </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="YAHOYAH-YAHOYAH"> <a href="/versions/v9/software/S0388/"> YAHOYAH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="YiSpecter-YiSpecter"> <a href="/versions/v9/software/S0311/"> YiSpecter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="yty-yty"> <a href="/versions/v9/software/S0248/"> yty </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Zebrocy-Zebrocy"> <a href="/versions/v9/software/S0251/"> Zebrocy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Zen-Zen"> <a href="/versions/v9/software/S0494/"> Zen </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ZergHelper-ZergHelper"> <a href="/versions/v9/software/S0287/"> ZergHelper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Zeroaccess-Zeroaccess"> <a href="/versions/v9/software/S0027/"> Zeroaccess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ZeroT-ZeroT"> <a href="/versions/v9/software/S0230/"> ZeroT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="Zeus Panda-Zeus Panda"> <a href="/versions/v9/software/S0330/"> Zeus Panda </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ZLib-ZLib"> <a href="/versions/v9/software/S0086/"> ZLib </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="zwShell-zwShell"> <a href="/versions/v9/software/S0350/"> zwShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="ZxShell-ZxShell"> <a href="/versions/v9/software/S0412/"> ZxShell </a> </div> </div> </div> <div class="group-nav-mobile-view"> <span class="heading" id="v-home-tab" aria-selected="false">SOFTWARE</span> <div class="sidenav"> <div class="sidenav-head" id="0-0"> <a href="/versions/v9/software/"> Overview </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="48418f3c6358406ca44dc7b2e84bda24"> <span>1-9</span> <div class="expand-button collapsed" id="48418f3c6358406ca44dc7b2e84bda24-header" data-toggle="collapse" data-target="#48418f3c6358406ca44dc7b2e84bda24-body" aria-expanded="false" aria-controls="#48418f3c6358406ca44dc7b2e84bda24-body"></div> </div> <div class="sidenav-body collapse" id="48418f3c6358406ca44dc7b2e84bda24-body" aria-labelledby="48418f3c6358406ca44dc7b2e84bda24-header"> <div class="sidenav"> <div class="sidenav-head" id="48418f3c6358406ca44dc7b2e84bda24-6292761697c84af2b3ab47e564c686ab"> <a href="/versions/v9/software/S0066/"> 3PARA RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="48418f3c6358406ca44dc7b2e84bda24-17fcf8f0d70e44b58bde97ee87b3565b"> <a href="/versions/v9/software/S0065/"> 4H RAT </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="7188c073623b4deea3ad87f4c7b3a4a6"> <span>A-B</span> <div class="expand-button collapsed" id="7188c073623b4deea3ad87f4c7b3a4a6-header" data-toggle="collapse" data-target="#7188c073623b4deea3ad87f4c7b3a4a6-body" aria-expanded="false" aria-controls="#7188c073623b4deea3ad87f4c7b3a4a6-body"></div> </div> <div class="sidenav-body collapse" id="7188c073623b4deea3ad87f4c7b3a4a6-body" aria-labelledby="7188c073623b4deea3ad87f4c7b3a4a6-header"> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-c361fed4a2074ad7a1b58a298c868ebe"> <a href="/versions/v9/software/S0469/"> ABK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-3c28e91d0f7d4f699305d80a31914546"> <a href="/versions/v9/software/S0202/"> adbupd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-dcfaa7c55aa54178bb1cc38ebb04cd6b"> <a href="/versions/v9/software/S0552/"> AdFind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-3e8ea259f66b434c9588b0e2c0349926"> <a href="/versions/v9/software/S0309/"> Adups </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-e088cc1834d34121af72dc7b045482fd"> <a href="/versions/v9/software/S0045/"> ADVSTORESHELL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-9f815df98da84d3796ae7d95cffc9f24"> <a href="/versions/v9/software/S0440/"> Agent Smith </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-5b248b193495413c9facde687b2e847f"> <a href="/versions/v9/software/S0331/"> Agent Tesla </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-5ebfbe1d23fc48cab30374a1245c473c"> <a href="/versions/v9/software/S0092/"> Agent.btz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-30fecf8c31324fd18243df17eaa001bc"> <a href="/versions/v9/software/S0319/"> Allwinner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-650af89e5439418384922ea1c5d7203d"> <a href="/versions/v9/software/S0504/"> Anchor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-e241110c3cfd497987f99cdc22bed84c"> <a href="/versions/v9/software/S0525/"> Android/AdDisplay.Ashas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-c455c275f1104f2b9568877e39ec371a"> <a href="/versions/v9/software/S0304/"> Android/Chuli.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-049ae09456f440f8b186438d24818080"> <a href="/versions/v9/software/S0524/"> AndroidOS/MalLocker.B </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-1a447cea39ce4c7d96479b78bb151b38"> <a href="/versions/v9/software/S0310/"> ANDROIDOS_ANSERVER.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-518a1b4049754cb68fabe42c4f7be83e"> <a href="/versions/v9/software/S0292/"> AndroRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-9f91b583c2284257bfd7b5d2e8ed159e"> <a href="/versions/v9/software/S0422/"> Anubis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-2c29f7b3241f4412a6af27efb5267c98"> <a href="/versions/v9/software/S0584/"> AppleJeus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-3fceb81ae6334adba4e53928c78aae45"> <a href="/versions/v9/software/S0456/"> Aria-body </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-38c89689838e4cc58ae68c68aa6d2ba8"> <a href="/versions/v9/software/S0099/"> Arp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-3ec5cd516aba43e1b565c349e0e0af61"> <a href="/versions/v9/software/S0540/"> Asacub </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-d6c4219cc90c4477b8afde579671bd4d"> <a href="/versions/v9/software/S0073/"> ASPXSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head active" id="7188c073623b4deea3ad87f4c7b3a4a6-ca5e8e9311c740d8999891bbe66a7473"> <a href="/versions/v9/software/S0373/"> Astaroth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-8f07137280d748029a428f9c869490f1"> <a href="/versions/v9/software/S0110/"> at </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-21ba4399938d430a93a3870b52d4074f"> <a href="/versions/v9/software/S0438/"> Attor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-72cc824120794007bbb90faaaaabea70"> <a href="/versions/v9/software/S0347/"> AuditCred </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-ed6da5f058a44bf2ae11275996b538d4"> <a href="/versions/v9/software/S0129/"> AutoIt backdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-8a6b6cb297d143b7b42383cccacfa307"> <a href="/versions/v9/software/S0473/"> Avenger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-978a5d6b115140139cea6617c618a64f"> <a href="/versions/v9/software/S0344/"> Azorult </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-822554ddc024457796d462a62758ce5c"> <a href="/versions/v9/software/S0414/"> BabyShark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-bff93946cb2d48cf826fd3bff6ab9335"> <a href="/versions/v9/software/S0475/"> BackConfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-50c9eb5bed2745ae87547a9c1796d515"> <a href="/versions/v9/software/S0093/"> Backdoor.Oldrea </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-1d4dcd04271e4d3f80126e736572db43"> <a href="/versions/v9/software/S0031/"> BACKSPACE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-aebb4b3c06ce4e56945bcc799a52a88e"> <a href="/versions/v9/software/S0245/"> BADCALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-9994806518954b64bd5412d9d343ba29"> <a href="/versions/v9/software/S0128/"> BADNEWS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-a26f35ae3d6944469dd839fc3b72f541"> <a href="/versions/v9/software/S0337/"> BadPatch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-1a2fbb2fda144f648411131ee14da0c6"> <a href="/versions/v9/software/S0234/"> Bandook </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-2c8d1b721be04f898f11e64d83e23cc7"> <a href="/versions/v9/software/S0239/"> Bankshot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-10bd8795e03147fc818236863fdd80b5"> <a href="/versions/v9/software/S0534/"> Bazar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-38276d27a0374313a4e7714fdc4059c5"> <a href="/versions/v9/software/S0470/"> BBK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-87f24b07cfd8464692c0cc5c89fccbde"> <a href="/versions/v9/software/S0127/"> BBSRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-2e08a24c21a64b2c86e94708c5358265"> <a href="/versions/v9/software/S0574/"> BendyBear </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-9ccb2a12b027460abb117c09b0d07ed2"> <a href="/versions/v9/software/S0017/"> BISCUIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-8b3c0ea89a17410293a45ff73448425c"> <a href="/versions/v9/software/S0268/"> Bisonal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-2718d54e72074504b90503b4bc99b07c"> <a href="/versions/v9/software/S0570/"> BitPaymer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-3b45607bc5994a338fe62b8db410de1f"> <a href="/versions/v9/software/S0190/"> BITSAdmin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-fc913627c5194c75b21a6940c6944926"> <a href="/versions/v9/software/S0069/"> BLACKCOFFEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-a6a73e3cb1654412bba4a0543decaec8"> <a href="/versions/v9/software/S0089/"> BlackEnergy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-df1ced35d9d94bbc9210e374b3ab67e1"> <a href="/versions/v9/software/S0564/"> BlackMould </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-a6cb5b8bf420475db961cf2c1d907002"> <a href="/versions/v9/software/S0520/"> BLINDINGCAN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-1f6dc762aa94492885c1c497e0c9ddd1"> <a href="/versions/v9/software/S0521/"> BloodHound </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-02043ab47c384237a7aa4ae2f58bbde3"> <a href="/versions/v9/software/S0486/"> Bonadan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-750a5513c41a4721be478e5d0eca8193"> <a href="/versions/v9/software/S0360/"> BONDUPDATER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-29a722ee137f4dffa821f75ebd28084b"> <a href="/versions/v9/software/S0415/"> BOOSTWRITE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-838ad4c53d3f44a481952a144c2bade1"> <a href="/versions/v9/software/S0114/"> BOOTRASH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-6e542a152aff45698a40c0e3355730c4"> <a href="/versions/v9/software/S0293/"> BrainTest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-0f116510c376423bb447f11f31569445"> <a href="/versions/v9/software/S0252/"> Brave Prince </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-f8410717cea048a18d4a1cbfd0d6ec0e"> <a href="/versions/v9/software/S0432/"> Bread </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-14305b258f924dc69805ccca619fc289"> <a href="/versions/v9/software/S0204/"> Briba </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-3c936682994942799c616c5dbfdd1616"> <a href="/versions/v9/software/S0014/"> BS2005 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-54a4b9ab2d6b4cb385713de7b962e14c"> <a href="/versions/v9/software/S0043/"> BUBBLEWRAP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-1ec2787799bf4b33a2503115682766e3"> <a href="/versions/v9/software/S0471/"> build_downer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7188c073623b4deea3ad87f4c7b3a4a6-85f3be01078e4d07ae9dcc12d28a350f"> <a href="/versions/v9/software/S0482/"> Bundlore </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="45d7b74aa0944de18130a412091c2509"> <span>C-D</span> <div class="expand-button collapsed" id="45d7b74aa0944de18130a412091c2509-header" data-toggle="collapse" data-target="#45d7b74aa0944de18130a412091c2509-body" aria-expanded="false" aria-controls="#45d7b74aa0944de18130a412091c2509-body"></div> </div> <div class="sidenav-body collapse" id="45d7b74aa0944de18130a412091c2509-body" aria-labelledby="45d7b74aa0944de18130a412091c2509-header"> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-dad0af829bbb4a9395c730410f88e2e7"> <a href="/versions/v9/software/S0119/"> Cachedump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-de6f81ee60034dcbba5a68d8db2e3265"> <a href="/versions/v9/software/S0454/"> Cadelspy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-01265574e664494ebcafbfa532b50fc6"> <a href="/versions/v9/software/S0025/"> CALENDAR </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-e6ae9e482ffa4d44958f0a0743a60190"> <a href="/versions/v9/software/S0274/"> Calisto </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b7c27f7c3b42438084f65c75a11f6565"> <a href="/versions/v9/software/S0077/"> CallMe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-9e34224cc35b4f5f80bede1031672758"> <a href="/versions/v9/software/S0351/"> Cannon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-1be1987dbcdb418ba963efc08035dcb7"> <a href="/versions/v9/software/S0030/"> Carbanak </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-cdb5bf3a936c4bd5891db6557758b8e0"> <a href="/versions/v9/software/S0484/"> Carberp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-105da4ac017a475e996da2a02a510117"> <a href="/versions/v9/software/S0335/"> Carbon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-e2132eeea32f43f9a10eca6a6b45fc45"> <a href="/versions/v9/software/S0529/"> CarbonSteal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-48735f1d19c5466ca1f0e08e2f140fd2"> <a href="/versions/v9/software/S0348/"> Cardinal RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-5e1645f3b9c345ddbd6ae47b727c1147"> <a href="/versions/v9/software/S0465/"> CARROTBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-e955430c035e4528a1d5a801c7dc362f"> <a href="/versions/v9/software/S0462/"> CARROTBAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b4dc0bd1f545420b99a1a9e4cc96a103"> <a href="/versions/v9/software/S0261/"> Catchamas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b1a3a7d15ad84f86ab845ed9418b5f30"> <a href="/versions/v9/software/S0572/"> Caterpillar WebShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-48c60ad8c9414793b82ae2e4b18c1d89"> <a href="/versions/v9/software/S0222/"> CCBkdr </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-4ac63d8c3f004beca2c39e03aa9214f0"> <a href="/versions/v9/software/S0480/"> Cerberus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-589addb37a2540cba233dc99523bb4e8"> <a href="/versions/v9/software/S0160/"> certutil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-7cbb910100a6400a9f0908afee4f0e13"> <a href="/versions/v9/software/S0220/"> Chaos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-f84cae45f1734efe9a38ff69c4999c68"> <a href="/versions/v9/software/S0323/"> Charger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b7ea032273d14477aef845efab4ac4e1"> <a href="/versions/v9/software/S0144/"> ChChes </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-52fd1fc57d714395a84887087abf19c1"> <a href="/versions/v9/software/S0555/"> CHEMISTGAMES </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-73854f02864544e7bdcfe218c431f145"> <a href="/versions/v9/software/S0107/"> Cherry Picker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-eeaf494c03694aabaedd33c962cef449"> <a href="/versions/v9/software/S0020/"> China Chopper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-5348a1bd98264c819cbdbafc413854b4"> <a href="/versions/v9/software/S0023/"> CHOPSTICK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-cd75d2edc6f74f28bec4aad343a3afb3"> <a href="/versions/v9/software/S0602/"> Circles </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-c1106e7c997448f9b31530026c59d44b"> <a href="/versions/v9/software/S0054/"> CloudDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-72565e36ba454a99aae137a6ca24c733"> <a href="/versions/v9/software/S0106/"> cmd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-f131493e37a5488a93a5139a465e1c25"> <a href="/versions/v9/software/S0154/"> Cobalt Strike </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-04d6b8d929e24e56bd31461a3d6948ae"> <a href="/versions/v9/software/S0338/"> Cobian RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-8664bd79ce864898ab5bd66a38e95cf2"> <a href="/versions/v9/software/S0369/"> CoinTicker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-a1b6d60ce8974ebc8e60ebf22f197cc0"> <a href="/versions/v9/software/S0244/"> Comnie </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-eab1b3bbaa944f0489a05755a82a2d58"> <a href="/versions/v9/software/S0126/"> ComRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b3a86a366f3147cf9243008da1d3779b"> <a href="/versions/v9/software/S0426/"> Concipit1248 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-cbb4d5b88d2648fab212979e84a8eda4"> <a href="/versions/v9/software/S0591/"> ConnectWise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-10b66095858747c283c1b835297089dc"> <a href="/versions/v9/software/S0575/"> Conti </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-636f8f0797d34c4c98a8db4a12ce97a3"> <a href="/versions/v9/software/S0492/"> CookieMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-5e2920a47cd04278a5ed7f647796e216"> <a href="/versions/v9/software/S0212/"> CORALDECK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-691179444b504df79e5cde4d7ef407eb"> <a href="/versions/v9/software/S0137/"> CORESHELL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-5bcc7a6ed46d41d0a655b69190233504"> <a href="/versions/v9/software/S0425/"> Corona Updates </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-7ddeee50080b41bfaa7aa2ff81d7636c"> <a href="/versions/v9/software/S0050/"> CosmicDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-46b4abcccb0f4fc7b64dec9039e06d1c"> <a href="/versions/v9/software/S0046/"> CozyCar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-ff1c32c259394e37830d8f88222a3035"> <a href="/versions/v9/software/S0488/"> CrackMapExec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-85e1e120a7844821bc6e61fe91780793"> <a href="/versions/v9/software/S0115/"> Crimson </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-76f3ee6d70e84263810dae1d8f61f0df"> <a href="/versions/v9/software/S0235/"> CrossRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-1491ddb715884b50af82d4be6b3813cc"> <a href="/versions/v9/software/S0538/"> Crutch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-4917f92d6b2a4fc992cfb2c5509e9c04"> <a href="/versions/v9/software/S0498/"> Cryptoistic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-d8b7b5f1e00a4c2da5abc58d62e64d2f"> <a href="/versions/v9/software/S0527/"> CSPY Downloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b609e4bb10af49fe94202373f70a947a"> <a href="/versions/v9/software/S0497/"> Dacls </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-e85c09afbce04478afc62f2c5dae9a8f"> <a href="/versions/v9/software/S0334/"> DarkComet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-2972aba1d08242c397b6e568e422ce90"> <a href="/versions/v9/software/S0187/"> Daserf </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-825bc4f61d1b4bafab04caba19a26e88"> <a href="/versions/v9/software/S0255/"> DDKONG </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-47d1e9e048a941b3ae254814d2028265"> <a href="/versions/v9/software/S0243/"> DealersChoice </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-e3a46bb9605b456bb082db70738d7714"> <a href="/versions/v9/software/S0479/"> DEFENSOR ID </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-c850e96cf9ca4b1daf8743091f92c3be"> <a href="/versions/v9/software/S0301/"> Dendroid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-999990709ba842358ab749cedb6318e0"> <a href="/versions/v9/software/S0354/"> Denis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b0e6ee62f57d449187222d1b29795390"> <a href="/versions/v9/software/S0021/"> Derusbi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-5f3f9ca9a3184c78a97a5f9134802f97"> <a href="/versions/v9/software/S0505/"> Desert Scorpion </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-d2b4fb9f315541ec9daff39f1f1f1578"> <a href="/versions/v9/software/S0200/"> Dipsind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-3cc8a2c475954ea1a01aefa8ad1f02e1"> <a href="/versions/v9/software/S0213/"> DOGCALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-0af4d57a58b748389510a5707b46bef7"> <a href="/versions/v9/software/S0281/"> Dok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-e79202c9fc8e47958dd3c0594270b149"> <a href="/versions/v9/software/S0600/"> Doki </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-5b685bd7b0e54ab2ab1dfb1dcbe5f87e"> <a href="/versions/v9/software/S0550/"> DoubleAgent </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-d40e4c25800e492f9fa0d7237d6a6574"> <a href="/versions/v9/software/S0472/"> down_new </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-318f3e3aba4247249bcd3315cdef6e9e"> <a href="/versions/v9/software/S0134/"> Downdelph </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-73f7193d85bc456abf76b76e23a5408b"> <a href="/versions/v9/software/S0186/"> DownPaper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-d78df7f9ce6445839574b0de511cee94"> <a href="/versions/v9/software/S0300/"> DressCode </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-fa4cbfb5fb2b4924ba720a7471e0c7d7"> <a href="/versions/v9/software/S0384/"> Dridex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-f29dec5d90124dc383fd704790a56adf"> <a href="/versions/v9/software/S0320/"> DroidJack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-72e27647836b41d2891f3aa86e9eb5d7"> <a href="/versions/v9/software/S0547/"> DropBook </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-082862e8aaa4476a85feb3fa0b4ee427"> <a href="/versions/v9/software/S0502/"> Drovorub </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-b45370169aca4afbbf90a25713df83f4"> <a href="/versions/v9/software/S0105/"> dsquery </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-83ab160e2f944e0f930ec564eee30b1f"> <a href="/versions/v9/software/S0567/"> Dtrack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-ea784617c55649e5afd0ff7592ee5748"> <a href="/versions/v9/software/S0315/"> DualToy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-8401eaf6aa7140c8ad9c02f4b93991a5"> <a href="/versions/v9/software/S0038/"> Duqu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-37dcdb82678c40f5844d6a6da1ac99b9"> <a href="/versions/v9/software/S0062/"> DustySky </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-0a68233f002244dc816940be9a0c5a91"> <a href="/versions/v9/software/S0420/"> Dvmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="45d7b74aa0944de18130a412091c2509-f698142a09fe40f0acd96f3e06ff4a62"> <a href="/versions/v9/software/S0024/"> Dyre </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="995763ff60774cf6905e1c1225aa6cd3"> <span>E-F</span> <div class="expand-button collapsed" id="995763ff60774cf6905e1c1225aa6cd3-header" data-toggle="collapse" data-target="#995763ff60774cf6905e1c1225aa6cd3-body" aria-expanded="false" aria-controls="#995763ff60774cf6905e1c1225aa6cd3-body"></div> </div> <div class="sidenav-body collapse" id="995763ff60774cf6905e1c1225aa6cd3-body" aria-labelledby="995763ff60774cf6905e1c1225aa6cd3-header"> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-440f7c89572f45459fde0f2b3f78af44"> <a href="/versions/v9/software/S0377/"> Ebury </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-af702b2b4d1c4369b91a94f544ed9dc5"> <a href="/versions/v9/software/S0593/"> ECCENTRICBANDWAGON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-92800ced9f9c49e1801f9b0515ccd9bc"> <a href="/versions/v9/software/S0554/"> Egregor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-1c4639d52c5b42619d9241b0af6162b2"> <a href="/versions/v9/software/S0081/"> Elise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-3837c26de33f42e2859703e13989f07e"> <a href="/versions/v9/software/S0064/"> ELMER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-579ebdbfad37467b8b654b1762fafcb3"> <a href="/versions/v9/software/S0082/"> Emissary </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-4d64ad85a3ae425b9b27317efba9b8ee"> <a href="/versions/v9/software/S0367/"> Emotet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-36953764dc7148d68be75e1c0d44df6b"> <a href="/versions/v9/software/S0363/"> Empire </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-315be8b1c5414f41b96c87ed4d5bda14"> <a href="/versions/v9/software/S0091/"> Epic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-b6cb7a3c66734b75b3b2947b812f6015"> <a href="/versions/v9/software/S0404/"> esentutl </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-501630d620c64844aad50e4efda919b0"> <a href="/versions/v9/software/S0507/"> eSurv </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-f6a6f27546ae4243931a90dab5c9c05a"> <a href="/versions/v9/software/S0478/"> EventBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-39969cce13a0435ab804d1966e0c0d06"> <a href="/versions/v9/software/S0396/"> EvilBunny </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-ae9c39bd012b4b42b7b93ec2aa085252"> <a href="/versions/v9/software/S0152/"> EvilGrab </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-becba6a835494476ba9ba67466806cc1"> <a href="/versions/v9/software/S0568/"> EVILNUM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-38e3cf036c114a428b8ebd0949b04ca0"> <a href="/versions/v9/software/S0401/"> Exaramel for Linux </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-8fe762f488324340bf591085e32ed4f0"> <a href="/versions/v9/software/S0343/"> Exaramel for Windows </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-1efdb46c675244fe9905f40dab34784d"> <a href="/versions/v9/software/S0522/"> Exobot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-65873afe72f347ec9c23193d4ea207cb"> <a href="/versions/v9/software/S0405/"> Exodus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-9c9808f5b39742e7a7c8851232fc98b3"> <a href="/versions/v9/software/S0361/"> Expand </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-f036159060774437a649ecff71d96392"> <a href="/versions/v9/software/S0569/"> Explosive </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-1bb75bf13b454132b4f2d6f49ad79196"> <a href="/versions/v9/software/S0076/"> FakeM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-e27cb3bd2d1e4db5bdf971b4a6810657"> <a href="/versions/v9/software/S0509/"> FakeSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-44bd9661e61345439195a28bbfef165b"> <a href="/versions/v9/software/S0181/"> FALLCHILL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-c7a52e1061e54cb7a7e54d126e19f36c"> <a href="/versions/v9/software/S0512/"> FatDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-8b957d75690d428bb943f4ff6c4f0409"> <a href="/versions/v9/software/S0171/"> Felismus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-7b8d3d8c16574e1c86904ecdefc66495"> <a href="/versions/v9/software/S0267/"> FELIXROOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-2660039fd2ba487ba124a9c4ee077db4"> <a href="/versions/v9/software/S0120/"> Fgdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-3a17a2e1458f4f3ca0b6cb0ec557cbe9"> <a href="/versions/v9/software/S0355/"> Final1stspy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-dae234fb63374b9ea14e943efd098143"> <a href="/versions/v9/software/S0182/"> FinFisher </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-4f617b954de64c9fba3e2384f654a9bd"> <a href="/versions/v9/software/S0143/"> Flame </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-89c77272716844e3a5ff144d0f7d96a8"> <a href="/versions/v9/software/S0036/"> FLASHFLOOD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-23cd0ec2130b4cb08fade93190bfc2c9"> <a href="/versions/v9/software/S0381/"> FlawedAmmyy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-41c0eac5fe6b48cb9b590f3008ec18d0"> <a href="/versions/v9/software/S0383/"> FlawedGrace </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-b24d12ea13284553a4ce495c23ec2da9"> <a href="/versions/v9/software/S0408/"> FlexiSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-0004f61cbecc488e950b5d5823945b87"> <a href="/versions/v9/software/S0173/"> FLIPSIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-a4dd54ccde59437a951a3a43ea883a43"> <a href="/versions/v9/software/S0193/"> Forfiles </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-08df06ecbf794e4b9f186eb39d9f2454"> <a href="/versions/v9/software/S0503/"> FrameworkPOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-f984817dbfcd4011b2cd08e2e36f520e"> <a href="/versions/v9/software/S0577/"> FrozenCell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-e90edf8b275e46f188cb74dcec6105b0"> <a href="/versions/v9/software/S0277/"> FruitFly </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-eaf3bceec6a24054ad25195399c9b56b"> <a href="/versions/v9/software/S0095/"> FTP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="995763ff60774cf6905e1c1225aa6cd3-6dc5615da30647799b4fd29942a7601d"> <a href="/versions/v9/software/S0410/"> Fysbis </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="7dda4863994e41969314028147217d4b"> <span>G-H</span> <div class="expand-button collapsed" id="7dda4863994e41969314028147217d4b-header" data-toggle="collapse" data-target="#7dda4863994e41969314028147217d4b-body" aria-expanded="false" aria-controls="#7dda4863994e41969314028147217d4b-body"></div> </div> <div class="sidenav-body collapse" id="7dda4863994e41969314028147217d4b-body" aria-labelledby="7dda4863994e41969314028147217d4b-header"> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-96c3a7e149f8443883fb29e3fb8c17d0"> <a href="/versions/v9/software/S0168/"> Gazer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-068b14a3f8904e0393a7c41db7899025"> <a href="/versions/v9/software/S0049/"> GeminiDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-39539bdfc5554eeb9861f2b88936cc13"> <a href="/versions/v9/software/S0460/"> Get2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-1379197e041e4f49b753bbad9ab55d5d"> <a href="/versions/v9/software/S0032/"> gh0st RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-0a1b690dca9c424c9dd3d3d84aee2a12"> <a href="/versions/v9/software/S0423/"> Ginp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-0fb3045a074c41fb8186f4bba6880ca4"> <a href="/versions/v9/software/S0026/"> GLOOXMAIL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-0b4bdbfb8cac4d7b91b45c06510b664f"> <a href="/versions/v9/software/S0249/"> Gold Dragon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-32b08aa056464f55879d72bcfc3f1c7e"> <a href="/versions/v9/software/S0535/"> Golden Cup </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-61f827c3521242968b6917fc1c89d1ef"> <a href="/versions/v9/software/S0551/"> GoldenEagle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-b6542052a3c045c0975867c84f7f8ac9"> <a href="/versions/v9/software/S0493/"> GoldenSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-57504368f36f4b009a5db0bd1c4e5ca5"> <a href="/versions/v9/software/S0597/"> GoldFinder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-ec7a7bb8ff1b42fca43931d4508c6893"> <a href="/versions/v9/software/S0588/"> GoldMax </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-199454843d354ee585d312061c05c59b"> <a href="/versions/v9/software/S0421/"> GolfSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-bb53aabf90a84a4f983d725c0bf4d753"> <a href="/versions/v9/software/S0290/"> Gooligan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-5ea97ac576bc4a299da0082d0d97e5fb"> <a href="/versions/v9/software/S0477/"> Goopy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-0d14e13bfec04b78acf37473f35c2de7"> <a href="/versions/v9/software/S0536/"> GPlayed </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-60fe034b7b5c4d219234baa028eb05c2"> <a href="/versions/v9/software/S0531/"> Grandoreiro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-bb8c6a5e36974e7a9a1482a005f50e52"> <a href="/versions/v9/software/S0237/"> GravityRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-0a6266a7b2b04e968513cc93e5c21308"> <a href="/versions/v9/software/S0342/"> GreyEnergy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-11d60f2256f643ccb5d3365f842ed916"> <a href="/versions/v9/software/S0417/"> GRIFFON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-578c22d4f5054d6f96295dc9bccadfd7"> <a href="/versions/v9/software/S0008/"> gsecdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-7c07dfc2afba4c31a9ae969b7a565793"> <a href="/versions/v9/software/S0561/"> GuLoader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-1163df4d3fd2447dbaa2b50e21bfb631"> <a href="/versions/v9/software/S0406/"> Gustuff </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-f3d85c50ecac4af790400f86293fbfc6"> <a href="/versions/v9/software/S0132/"> H1N1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-8b9a871d7bc949e2b245482480f41887"> <a href="/versions/v9/software/S0047/"> Hacking Team UEFI Rootkit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-2686b8a32f264a4ea8725539a6c0138a"> <a href="/versions/v9/software/S0151/"> HALFBAKED </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-6ddd8a7c2fcc44a6be4fecf905f28dc6"> <a href="/versions/v9/software/S0037/"> HAMMERTOSS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-098de606790d4a6b9f96822c8c9cf8bb"> <a href="/versions/v9/software/S0499/"> Hancitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-887e37ed1c9a4af1a7f6a0ee03658e97"> <a href="/versions/v9/software/S0214/"> HAPPYWORK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-bb6014d8e91d4bb09a5435ea0469c61c"> <a href="/versions/v9/software/S0246/"> HARDRAIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-2e825e70c3154d4b9b5daaa719bfd71f"> <a href="/versions/v9/software/S0224/"> Havij </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-df118731429a492dab61890aa302cccb"> <a href="/versions/v9/software/S0391/"> HAWKBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-763c001420674678b586a1a6371e2090"> <a href="/versions/v9/software/S0071/"> hcdLoader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-9cb257c7297241389f7ef7b505836f66"> <a href="/versions/v9/software/S0061/"> HDoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-b4264d11660f43aebbf18b58acc38578"> <a href="/versions/v9/software/S0170/"> Helminth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-66fb445f47b44daea9a51c95c2e89e69"> <a href="/versions/v9/software/S0544/"> HenBox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-624ac6fa8f7548c88de3a1f492371a85"> <a href="/versions/v9/software/S0087/"> Hi-Zor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-4174588c8a784aa7b86bf44cca029f0e"> <a href="/versions/v9/software/S0394/"> HiddenWasp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-56d093a3a65940c5ab13c4c46b6c6a41"> <a href="/versions/v9/software/S0135/"> HIDEDRV </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-f7582b8b16d646b18d1cccc40502e080"> <a href="/versions/v9/software/S0009/"> Hikit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-cfbb1a3b2af84107b3b553ca52b0dc9a"> <a href="/versions/v9/software/S0601/"> Hildegard </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-259bb3505eae4ad9a7e20f92398a645b"> <a href="/versions/v9/software/S0232/"> HOMEFRY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-8da03ca68df54ae2bb0a6bb4159869ce"> <a href="/versions/v9/software/S0376/"> HOPLIGHT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-af129521a0f9411d9ce612a0fcbcc38e"> <a href="/versions/v9/software/S0431/"> HotCroissant </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-f64a8f347ef74cd4a081e01eca2e7eab"> <a href="/versions/v9/software/S0040/"> HTRAN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-a45716a36032488c8e9948a50838c255"> <a href="/versions/v9/software/S0070/"> HTTPBrowser </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-50729d64d668464dbbc7c8330fdad07c"> <a href="/versions/v9/software/S0068/"> httpclient </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-b446f4c7d5ed4f38847b873ff1fe1964"> <a href="/versions/v9/software/S0322/"> HummingBad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-6a05d0e232b2476bb6dfc8eef44dedb8"> <a href="/versions/v9/software/S0321/"> HummingWhale </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-d7ba3aafe5f74bc691385c71cfbbeb70"> <a href="/versions/v9/software/S0203/"> Hydraq </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-9a14ee55c92944d3bd6e444a4a03dc34"> <a href="/versions/v9/software/S0398/"> HyperBro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="7dda4863994e41969314028147217d4b-7f65bf8eade14e8aa999c61158f72523"> <a href="/versions/v9/software/S0537/"> HyperStack </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="1fb850c336df45e2badf3c675ecf29e3"> <span>I-J</span> <div class="expand-button collapsed" id="1fb850c336df45e2badf3c675ecf29e3-header" data-toggle="collapse" data-target="#1fb850c336df45e2badf3c675ecf29e3-body" aria-expanded="false" aria-controls="#1fb850c336df45e2badf3c675ecf29e3-body"></div> </div> <div class="sidenav-body collapse" id="1fb850c336df45e2badf3c675ecf29e3-body" aria-labelledby="1fb850c336df45e2badf3c675ecf29e3-header"> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-3d40ba62c14a493480edc1728666aeba"> <a href="/versions/v9/software/S0483/"> IcedID </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-b4182532aaa24485af90d97a9aa1952e"> <a href="/versions/v9/software/S0101/"> ifconfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-6beee0141dac4625afc4478f6a4b78bf"> <a href="/versions/v9/software/S0278/"> iKitten </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-8d781293905445ee8e05d26859313757"> <a href="/versions/v9/software/S0434/"> Imminent Monitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-7684f92140c243608b02a6d042cc465f"> <a href="/versions/v9/software/S0357/"> Impacket </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-da794609c7994d7c95075ceb3b1ebc0f"> <a href="/versions/v9/software/S0259/"> InnaputRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-01130ca148184b70a711973a77fa0806"> <a href="/versions/v9/software/S0463/"> INSOMNIA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-4a36b62bf4e34ed387f8a2346700f719"> <a href="/versions/v9/software/S0260/"> InvisiMole </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-a7c39411776c4e8690ea794ca7f38620"> <a href="/versions/v9/software/S0231/"> Invoke-PSImage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-233c3873a10e44428baa1e141eab02d8"> <a href="/versions/v9/software/S0100/"> ipconfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-9c613e68b89d408bbc1fb7f58e6c10da"> <a href="/versions/v9/software/S0581/"> IronNetInjector </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-26fa4f3bda444405993504417e0e14b8"> <a href="/versions/v9/software/S0189/"> ISMInjector </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-bbcc26bad22740c1bc33863e7613b32c"> <a href="/versions/v9/software/S0015/"> Ixeshe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-279190baddd04d27942986d05a0202d6"> <a href="/versions/v9/software/S0163/"> Janicab </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-dbf21dc30e9c4484893c9fe96a1a7709"> <a href="/versions/v9/software/S0528/"> Javali </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-9dcb81f14ce74a14bf7d792831629db5"> <a href="/versions/v9/software/S0389/"> JCry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-aab2f351221148e9aa59b738ebef31a9"> <a href="/versions/v9/software/S0044/"> JHUHUGIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-a199308d03e542e4a9cb13b225f64f3b"> <a href="/versions/v9/software/S0201/"> JPIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-00c9db0c3eed46108db3d22e71e08a8d"> <a href="/versions/v9/software/S0283/"> jRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1fb850c336df45e2badf3c675ecf29e3-23903cfe984d444cb9a0c1eb6e97d98f"> <a href="/versions/v9/software/S0325/"> Judy </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="56cffb3dd4fc4e38868dba75d49ec567"> <span>K-L</span> <div class="expand-button collapsed" id="56cffb3dd4fc4e38868dba75d49ec567-header" data-toggle="collapse" data-target="#56cffb3dd4fc4e38868dba75d49ec567-body" aria-expanded="false" aria-controls="#56cffb3dd4fc4e38868dba75d49ec567-body"></div> </div> <div class="sidenav-body collapse" id="56cffb3dd4fc4e38868dba75d49ec567-body" aria-labelledby="56cffb3dd4fc4e38868dba75d49ec567-header"> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-f77ada02ba3e4f8b9eb4c0859a06f549"> <a href="/versions/v9/software/S0215/"> KARAE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-d67dff796de24c7bbbf867bc80233183"> <a href="/versions/v9/software/S0088/"> Kasidet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-ececab99072d48f1adc66cd5378e94f5"> <a href="/versions/v9/software/S0265/"> Kazuar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-f8847c79826b46438ddee9c498526222"> <a href="/versions/v9/software/S0585/"> Kerrdown </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-7fd9cc8646384389a9999c3f7177eb07"> <a href="/versions/v9/software/S0487/"> Kessel </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-4f1a8954e70c4a6b8545fbe79858a59a"> <a href="/versions/v9/software/S0387/"> KeyBoy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-f98ce974c937466abda3fd8dbe8891d6"> <a href="/versions/v9/software/S0276/"> Keydnap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-5f3b7542656242bdb46e39d3b4c4f72f"> <a href="/versions/v9/software/S0271/"> KEYMARBLE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-64e1d76b46764879b2b5a2ead9c78a87"> <a href="/versions/v9/software/S0288/"> KeyRaider </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-4657bc4617c149afb9f585b96923b600"> <a href="/versions/v9/software/S0526/"> KGH_SPY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-bbaed415b2d242b887372c5311efc1d7"> <a href="/versions/v9/software/S0599/"> Kinsing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-7bc048a70ad244b3bb873a699e730598"> <a href="/versions/v9/software/S0437/"> Kivars </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-2daeb36dc3d2442d9c0903f066ba60a7"> <a href="/versions/v9/software/S0250/"> Koadic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-472418f1763441aa8fedc6330cfbbbcb"> <a href="/versions/v9/software/S0162/"> Komplex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-9373784fcfe04a0393f3ebcee431beaf"> <a href="/versions/v9/software/S0156/"> KOMPROGO </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-b7ac592a1cee47dd81b8ceb1191f8d83"> <a href="/versions/v9/software/S0356/"> KONNI </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-3034cdc6a1f141f8b87065bca529b203"> <a href="/versions/v9/software/S0236/"> Kwampirs </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-e966a5795b8c45229f5d87ba392be3f6"> <a href="/versions/v9/software/S0349/"> LaZagne </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-18df2766ab6f470c93d06ba657a07ce0"> <a href="/versions/v9/software/S0395/"> LightNeuron </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-fed64c4332ed4ac6b437ecd0575fc475"> <a href="/versions/v9/software/S0211/"> Linfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-36377314560944ef9afdbded7f3b3b55"> <a href="/versions/v9/software/S0362/"> Linux Rabbit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-d2335b6d5bbd4f399f2ff6874a52eb39"> <a href="/versions/v9/software/S0372/"> LockerGoga </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-2da91ae36682427b89a2aec900a16f70"> <a href="/versions/v9/software/S0397/"> LoJax </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-595c207eec2c42eb9eba8164b7c41ffa"> <a href="/versions/v9/software/S0447/"> Lokibot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-e13b6d6e12b545ab9708c99547d9250b"> <a href="/versions/v9/software/S0582/"> LookBack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-f172a7d526304444b76d8be5a7b233ea"> <a href="/versions/v9/software/S0451/"> LoudMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-0c323671203948c4a80babf1dc1ed468"> <a href="/versions/v9/software/S0042/"> LOWBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-4a4f0b3db0bf4f03a24f7bcedfd3695b"> <a href="/versions/v9/software/S0121/"> Lslsass </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-e51744fa8f084fbca7800c3005f93f73"> <a href="/versions/v9/software/S0532/"> Lucifer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="56cffb3dd4fc4e38868dba75d49ec567-b16a3ead86764bc08a02d401e0c7ddef"> <a href="/versions/v9/software/S0010/"> Lurid </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="39e3ccf5e40641dd904b0d11d0c696e4"> <span>M-N</span> <div class="expand-button collapsed" id="39e3ccf5e40641dd904b0d11d0c696e4-header" data-toggle="collapse" data-target="#39e3ccf5e40641dd904b0d11d0c696e4-body" aria-expanded="false" aria-controls="#39e3ccf5e40641dd904b0d11d0c696e4-body"></div> </div> <div class="sidenav-body collapse" id="39e3ccf5e40641dd904b0d11d0c696e4-body" aria-labelledby="39e3ccf5e40641dd904b0d11d0c696e4-header"> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-ad929117e09c414a99510c6884b8fbbd"> <a href="/versions/v9/software/S0409/"> Machete </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-1be03db82b904c3d9c3def4cd5307df3"> <a href="/versions/v9/software/S0282/"> MacSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-854f7ba19f764fafa71f39422a209dc3"> <a href="/versions/v9/software/S0413/"> MailSniper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-6c7f7d70f91140f3a5cb1346216d79e9"> <a href="/versions/v9/software/S0485/"> Mandrake </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-6df4c2455a694f588b7e7f48db1d1320"> <a href="/versions/v9/software/S0317/"> Marcher </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-3908733201d1485397d84dbbba44a8c6"> <a href="/versions/v9/software/S0167/"> Matryoshka </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-da462f365ca0493786b531201ad50e96"> <a href="/versions/v9/software/S0303/"> MazarBOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-a7abc2ef8f8f4c6a8ad7e3fe1f7e172a"> <a href="/versions/v9/software/S0449/"> Maze </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-ae9a0cccb9d740ce8c9eaea8013a9ea3"> <a href="/versions/v9/software/S0500/"> MCMD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-cf63d9e793ff4bb79c8d6f1621a598bd"> <a href="/versions/v9/software/S0459/"> MechaFlounder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-c790a4e42ac341c3955c5bf4447c2ab0"> <a href="/versions/v9/software/S0175/"> meek </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-8721b77ee5184cea8335bd7254836979"> <a href="/versions/v9/software/S0576/"> MegaCortex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-721a9f2030c0422cbd7392e72c28584a"> <a href="/versions/v9/software/S0530/"> Melcoz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-f8f4d0bce12b4736bd4f3bfdf90584de"> <a href="/versions/v9/software/S0443/"> MESSAGETAP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-1da54db31e6d4b64a31852798f0d4990"> <a href="/versions/v9/software/S0455/"> Metamorfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-004261e81643479e991be592c70f5062"> <a href="/versions/v9/software/S0339/"> Micropsia </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-5ecf9de241b64124a1fb9e357f3a8813"> <a href="/versions/v9/software/S0002/"> Mimikatz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-c478b0248ea24614944a6a2e4952c95b"> <a href="/versions/v9/software/S0179/"> MimiPenguin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-c3e1dd27da46472caf37200b211d2ac5"> <a href="/versions/v9/software/S0133/"> Miner-C </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-bad0c4c4be6e42fab0dd5f6cb168478e"> <a href="/versions/v9/software/S0051/"> MiniDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-36c0a28ca3cc4a84b795cb71ef88906c"> <a href="/versions/v9/software/S0280/"> MirageFox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-9be1eb1f139e4855a1e496520c428b67"> <a href="/versions/v9/software/S0084/"> Mis-Type </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-3e7c4a59633444c9a2b513a17f677b8a"> <a href="/versions/v9/software/S0083/"> Misdat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-39f1845f13494108bb8d9ceac30747b2"> <a href="/versions/v9/software/S0080/"> Mivast </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-3823ed1fcb6a4963a5892b961f2d5c58"> <a href="/versions/v9/software/S0079/"> MobileOrder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-f3283bf6f961410daa182f9c616fe683"> <a href="/versions/v9/software/S0553/"> MoleNet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-3cc87a218f854f01a39b074ce385493d"> <a href="/versions/v9/software/S0407/"> Monokle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-24b9f40b56bb414e8646435a75c0789d"> <a href="/versions/v9/software/S0149/"> MoonWind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-78e27f7765e442f0ad63cad93b6c7623"> <a href="/versions/v9/software/S0284/"> More_eggs </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-8187b4ae14764ffa8f6955b6631e7b9c"> <a href="/versions/v9/software/S0256/"> Mosquito </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-1bbd06698a184d7a928ab3b978fa6b0e"> <a href="/versions/v9/software/S0233/"> MURKYTOP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-329d993dff564edeab6a3e8a3c047a83"> <a href="/versions/v9/software/S0205/"> Naid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-57bb1e806b094adaa76a5d5ac422df66"> <a href="/versions/v9/software/S0228/"> NanHaiShu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-383d88f910024a9b96534b50707590c5"> <a href="/versions/v9/software/S0336/"> NanoCore </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-c145f2bf6cd343f0bbe141b4b872bc36"> <a href="/versions/v9/software/S0247/"> NavRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-4ac9ba123fd24f51a2673406d350b453"> <a href="/versions/v9/software/S0590/"> NBTscan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-237cd62fb48c46e79a89c0d95816211a"> <a href="/versions/v9/software/S0102/"> nbtstat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-8239c6acce7345d7b214877a597b547b"> <a href="/versions/v9/software/S0272/"> NDiskMonitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-2cbaccb651054ac980f1cb98119c41d2"> <a href="/versions/v9/software/S0210/"> Nerex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-3451e90b94af4b0692914f9ed0d77855"> <a href="/versions/v9/software/S0039/"> Net </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-ba349ab92da348918f09459989f1b0d0"> <a href="/versions/v9/software/S0056/"> Net Crawler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-82712a11e595430088def8ae706e1dcb"> <a href="/versions/v9/software/S0034/"> NETEAGLE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-99911262ee034dfba7696a9ebbe9f7a7"> <a href="/versions/v9/software/S0108/"> netsh </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-e0b2b87eb57e4b968dd5ac1b5c686caa"> <a href="/versions/v9/software/S0104/"> netstat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-d0c11584f2b74392b2d1f533f81371ae"> <a href="/versions/v9/software/S0033/"> NetTraveler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-421955b56ae1467bb0e5d76189f39f25"> <a href="/versions/v9/software/S0457/"> Netwalker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-cc3558cc87ec4534b60db1eb81343fd6"> <a href="/versions/v9/software/S0198/"> NETWIRE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-4869ab27832a4c089c48b3526b840df4"> <a href="/versions/v9/software/S0508/"> Ngrok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-bf54a356521245f3a0cfdeb480f90796"> <a href="/versions/v9/software/S0118/"> Nidiran </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-70a2e95f5fc5468293820c24cc00e5ba"> <a href="/versions/v9/software/S0385/"> njRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-7853dd3460244e25835b6e07a6564e72"> <a href="/versions/v9/software/S0359/"> Nltest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-06008a854bea4165bf51aa294c9a5439"> <a href="/versions/v9/software/S0353/"> NOKKI </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-c851e818d6504bcab55a8eeb452ef612"> <a href="/versions/v9/software/S0299/"> NotCompatible </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="39e3ccf5e40641dd904b0d11d0c696e4-5db08187e1f04e6785664ec216fb438b"> <a href="/versions/v9/software/S0368/"> NotPetya </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="765d7bcc2f35481abaf311c71e691b83"> <span>O-P</span> <div class="expand-button collapsed" id="765d7bcc2f35481abaf311c71e691b83-header" data-toggle="collapse" data-target="#765d7bcc2f35481abaf311c71e691b83-body" aria-expanded="false" aria-controls="#765d7bcc2f35481abaf311c71e691b83-body"></div> </div> <div class="sidenav-body collapse" id="765d7bcc2f35481abaf311c71e691b83-body" aria-labelledby="765d7bcc2f35481abaf311c71e691b83-header"> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-d02af7fe8e3041e9a094fb891ea9a6d8"> <a href="/versions/v9/software/S0286/"> OBAD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-eed06a361c6249e49fd10519e054f6a1"> <a href="/versions/v9/software/S0346/"> OceanSalt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-733a765d980747a1a5702334bcf168bb"> <a href="/versions/v9/software/S0340/"> Octopus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-aa36d57739a944a5aafadc4cd9f6955d"> <a href="/versions/v9/software/S0439/"> Okrum </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-e79b3832a34c4be59e591111a511f0a3"> <a href="/versions/v9/software/S0138/"> OLDBAIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-33a51d03895544248d4d463fabd5237d"> <a href="/versions/v9/software/S0285/"> OldBoot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-512d584663794170a397f688f117bb7b"> <a href="/versions/v9/software/S0365/"> Olympic Destroyer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-622e5f32421d4c4696d0976414810b0a"> <a href="/versions/v9/software/S0052/"> OnionDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-37b25c0eb5ba4e7dbf4e08fc20a9364a"> <a href="/versions/v9/software/S0264/"> OopsIE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-dc8e7d261028475f8987251e1040691f"> <a href="/versions/v9/software/S0229/"> Orz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-3ce2ce7ebdcd41c0836de01cdf9ed07e"> <a href="/versions/v9/software/S0165/"> OSInfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-15ee2f0eaf9f45588448b0c93fb0b65c"> <a href="/versions/v9/software/S0402/"> OSX/Shlayer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-6d9b8ade4f4248c894b2c74d12867cc1"> <a href="/versions/v9/software/S0352/"> OSX_OCEANLOTUS.D </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-73b29d4d4489437687f4239e5813dcd2"> <a href="/versions/v9/software/S0594/"> Out1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-248016dca2af41718474a50fb029859f"> <a href="/versions/v9/software/S0072/"> OwaAuth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-0a7b03a25954470b8146c88e68f15067"> <a href="/versions/v9/software/S0598/"> P.A.S. Webshell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-bac0568ce8fe451d9ecd40b8dbae3265"> <a href="/versions/v9/software/S0016/"> P2P ZeuS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-a65692d250264a7e8363058ba9620bb8"> <a href="/versions/v9/software/S0399/"> Pallas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-9f8e69e8e9974f32a0e7a0aaf6bc7cf7"> <a href="/versions/v9/software/S0208/"> Pasam </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-77943927dbf84eaf9d063afb4d9558ce"> <a href="/versions/v9/software/S0122/"> Pass-The-Hash Toolkit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-29c42cf923454e23a0b49b593759b21e"> <a href="/versions/v9/software/S0556/"> Pay2Key </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-1580852c70904a4d92fff291b51efcc7"> <a href="/versions/v9/software/S0316/"> Pegasus for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-564799ac5bbf4df18c94663955e465dc"> <a href="/versions/v9/software/S0289/"> Pegasus for iOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-d3a5b3f2de99484184392431d06ee6e9"> <a href="/versions/v9/software/S0587/"> Penquin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-a062fb28bd634dd2b7dd5b0c6cc78556"> <a href="/versions/v9/software/S0158/"> PHOREAL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-b1344bfc5b5e4a24aba03e74eda7556b"> <a href="/versions/v9/software/S0517/"> Pillowmint </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-2a27e3fa9f4c4de8a09b279088b9e1c4"> <a href="/versions/v9/software/S0048/"> PinchDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-ff886d9db7c84ee1ac33f6644f497643"> <a href="/versions/v9/software/S0097/"> Ping </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-5e2b48ed7eb84c3e9ee931eca5e4b6ab"> <a href="/versions/v9/software/S0501/"> PipeMon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-b86fea5e5f1047d5b69331b71696ec8c"> <a href="/versions/v9/software/S0124/"> Pisloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-d291369e05324e859f7c5c8468f1f7c6"> <a href="/versions/v9/software/S0291/"> PJApps </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-5b560a3bb78540cfb3b65fd33cba0ceb"> <a href="/versions/v9/software/S0254/"> PLAINTEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-e1f529ec6cd14dbd9e4944898fa33021"> <a href="/versions/v9/software/S0435/"> PLEAD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-ad32b797007648db98eac0516e701208"> <a href="/versions/v9/software/S0013/"> PlugX </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-4cb2b1be41f64c889593fb025d2b2dc9"> <a href="/versions/v9/software/S0067/"> pngdowner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-1e37110d87664e1d9a70d1917b812b5b"> <a href="/versions/v9/software/S0428/"> PoetRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-c3910be3a28e447abea8b2e49d19cd14"> <a href="/versions/v9/software/S0012/"> PoisonIvy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-edd68a24caa547f7bd36ee48b0b82aeb"> <a href="/versions/v9/software/S0518/"> PolyglotDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-75ad2d21cb6849ca847ae90683a4bde4"> <a href="/versions/v9/software/S0453/"> Pony </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-84da3071627c48a0b11c6b066638c810"> <a href="/versions/v9/software/S0216/"> POORAIM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-78c179ad0ba04768bfa9e02a7c1b77c0"> <a href="/versions/v9/software/S0378/"> PoshC2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-c978ee001e4545bb86eb5c19c5681c59"> <a href="/versions/v9/software/S0150/"> POSHSPY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-b239ee716eb046d8b85304ff03233b1f"> <a href="/versions/v9/software/S0177/"> Power Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-655f8e173a3642248cd8b8d63da37385"> <a href="/versions/v9/software/S0139/"> PowerDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-f86a51265afa497faba0e365a4cc8ee7"> <a href="/versions/v9/software/S0441/"> PowerShower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-64b1f2a3d5454da8a9e19842d38e06da"> <a href="/versions/v9/software/S0145/"> POWERSOURCE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-0031cd6a045c4725ad4ce1bf68ad9428"> <a href="/versions/v9/software/S0194/"> PowerSploit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-17ef6b47e44744aea2f60bcfc29c3f7e"> <a href="/versions/v9/software/S0393/"> PowerStallion </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-c24e2755414247fdaf7a9900fe1b6cee"> <a href="/versions/v9/software/S0223/"> POWERSTATS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-abbfb1ae473548ecacf912ce30c9d9af"> <a href="/versions/v9/software/S0371/"> POWERTON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-a8b1dffb0c204208b9d03e78e7aaf103"> <a href="/versions/v9/software/S0184/"> POWRUNER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-f3b1bd95bba54546872464de91080385"> <a href="/versions/v9/software/S0113/"> Prikormka </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-b0a0f24554d643a7aa78067a2e184d34"> <a href="/versions/v9/software/S0279/"> Proton </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-1f702a63fd234899917773ce398bb143"> <a href="/versions/v9/software/S0238/"> Proxysvc </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-dadd7124e6ac44d5bb37674ede9e4691"> <a href="/versions/v9/software/S0029/"> PsExec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-f3178421604a451ca5b384ad2c1473f1"> <a href="/versions/v9/software/S0078/"> Psylo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-1ce1a24553e743d18e17196db129f46c"> <a href="/versions/v9/software/S0147/"> Pteranodon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-fd0b0fca5ab74159b779d9eab2953fc5"> <a href="/versions/v9/software/S0196/"> PUNCHBUGGY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-5caaefa62cf84497b802a52e1b3734c5"> <a href="/versions/v9/software/S0197/"> PUNCHTRACK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-b1c9926545fb4fe290504e708cbb3553"> <a href="/versions/v9/software/S0192/"> Pupy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-b71eb17a19764209b61d1d8347243cda"> <a href="/versions/v9/software/S0006/"> pwdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="765d7bcc2f35481abaf311c71e691b83-a4f3c87e46424c06851258ff2eb97c04"> <a href="/versions/v9/software/S0583/"> Pysa </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="1d295894e7a94614ab8c6a56330ce2cf"> <span>Q-R</span> <div class="expand-button collapsed" id="1d295894e7a94614ab8c6a56330ce2cf-header" data-toggle="collapse" data-target="#1d295894e7a94614ab8c6a56330ce2cf-body" aria-expanded="false" aria-controls="#1d295894e7a94614ab8c6a56330ce2cf-body"></div> </div> <div class="sidenav-body collapse" id="1d295894e7a94614ab8c6a56330ce2cf-body" aria-labelledby="1d295894e7a94614ab8c6a56330ce2cf-header"> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-cd0e5123083445d59444154270f83a6b"> <a href="/versions/v9/software/S0269/"> QUADAGENT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-8cd12cd6394242bebb93a35acc650bc8"> <a href="/versions/v9/software/S0262/"> QuasarRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-ff5b834c1fa04f66b1f9f2f55d53bda6"> <a href="/versions/v9/software/S0481/"> Ragnar Locker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-da739d517c3a4bb48bdbc9911114b074"> <a href="/versions/v9/software/S0565/"> Raindrop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-211d9bdbc7d94a85957d5498024379c4"> <a href="/versions/v9/software/S0458/"> Ramsay </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-7344e222306a4ddba5691e97946414b3"> <a href="/versions/v9/software/S0055/"> RARSTONE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-9426299bd74542d5927b2b61042e5199"> <a href="/versions/v9/software/S0241/"> RATANKBA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-d1691d8cc8834ef794756ab458f7ee00"> <a href="/versions/v9/software/S0364/"> RawDisk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-57e09eee33b247c49c9970ab7404a689"> <a href="/versions/v9/software/S0169/"> RawPOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-9d9ff53d728641d8be3a450d59717164"> <a href="/versions/v9/software/S0295/"> RCSAndroid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-67f158b9c68b407c80f75e18c95581bc"> <a href="/versions/v9/software/S0495/"> RDAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-2c8651703a08466ba672bd625d5a933e"> <a href="/versions/v9/software/S0416/"> RDFSNIFFER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-8d55201f80f3470b8908c22974608d4e"> <a href="/versions/v9/software/S0172/"> Reaver </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-5702ad7da0d849c69fb44c4c863d3b43"> <a href="/versions/v9/software/S0539/"> Red Alert 2.0 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-d8a41dad618e4edf80a35c4445f5beb1"> <a href="/versions/v9/software/S0326/"> RedDrop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-bcc5b9affe674cc9834c5b9b19eceae1"> <a href="/versions/v9/software/S0153/"> RedLeaves </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-8e17302b07e64557b7240b8cc13cdc5f"> <a href="/versions/v9/software/S0075/"> Reg </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-df3ea8cf02904d1089194a3878d45ad8"> <a href="/versions/v9/software/S0511/"> RegDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-40a2a2dbe0ec47d2a9efb7db4039b6fb"> <a href="/versions/v9/software/S0019/"> Regin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-2500d8a0e8bb465c9d17fdec75751dc9"> <a href="/versions/v9/software/S0332/"> Remcos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-2323308f8ae642b08afdac7fbb3a7585"> <a href="/versions/v9/software/S0375/"> Remexi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-469ff9d046ad4832858610168eb420c0"> <a href="/versions/v9/software/S0166/"> RemoteCMD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-25051c5399a24d228818d28d464a0061"> <a href="/versions/v9/software/S0592/"> RemoteUtilities </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-5464941c17844028b4df8a8ed74c6248"> <a href="/versions/v9/software/S0125/"> Remsec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-9f73fb7701754315b7fd4280919d0f0b"> <a href="/versions/v9/software/S0174/"> Responder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-55d3f71459004f2ca2f7dbbc5868bc1a"> <a href="/versions/v9/software/S0379/"> Revenge RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-b7f7effca712495aae8a4ba8bb701354"> <a href="/versions/v9/software/S0496/"> REvil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-eb811d090d2d4882ba8a160dad72cfc2"> <a href="/versions/v9/software/S0258/"> RGDoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-abb7cdadf1d741ba86a6560b6fcfd712"> <a href="/versions/v9/software/S0433/"> Rifdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-a6ae63409a014629aed6b70c8988cc3e"> <a href="/versions/v9/software/S0403/"> Riltok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-0ef24be3505b4e2c945010b9800a3eeb"> <a href="/versions/v9/software/S0003/"> RIPTIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-45f68fc46b3d44bd948abf038b19007c"> <a href="/versions/v9/software/S0448/"> Rising Sun </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-f6fed98ddde348a7946c8597deb6aba2"> <a href="/versions/v9/software/S0400/"> RobbinHood </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-6a15713c27ed400c9003a03e667978b2"> <a href="/versions/v9/software/S0112/"> ROCKBOOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-0d84f873b32749e394a3a739dee2cbc9"> <a href="/versions/v9/software/S0270/"> RogueRobin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-0447dc0196c14bddba552213a370fd51"> <a href="/versions/v9/software/S0240/"> ROKRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-ae828b9e8e9f4c7ca772262e8e7b94e1"> <a href="/versions/v9/software/S0411/"> Rotexy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-3e8228a832114024939f8a4d57f61e76"> <a href="/versions/v9/software/S0103/"> route </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-6728f74d4d9a482a806dd0a00fa3adc3"> <a href="/versions/v9/software/S0090/"> Rover </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-03fb989e8d784e72b89e318434b89f5a"> <a href="/versions/v9/software/S0148/"> RTM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-ba8a862396554b1a9b7556360555ec38"> <a href="/versions/v9/software/S0358/"> Ruler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-2ac50fed105949b5a11c4113bff084cb"> <a href="/versions/v9/software/S0313/"> RuMMS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-5183fbba5a3b43e6af87b9e680c25877"> <a href="/versions/v9/software/S0253/"> RunningRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="1d295894e7a94614ab8c6a56330ce2cf-b369784646f34c408eb50353ae0b81cf"> <a href="/versions/v9/software/S0446/"> Ryuk </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="15aa0ca24b1f4115a3ec8a114cf45759"> <span>S-T</span> <div class="expand-button collapsed" id="15aa0ca24b1f4115a3ec8a114cf45759-header" data-toggle="collapse" data-target="#15aa0ca24b1f4115a3ec8a114cf45759-body" aria-expanded="false" aria-controls="#15aa0ca24b1f4115a3ec8a114cf45759-body"></div> </div> <div class="sidenav-body collapse" id="15aa0ca24b1f4115a3ec8a114cf45759-body" aria-labelledby="15aa0ca24b1f4115a3ec8a114cf45759-header"> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-ea6e98679a2e482cba9c14b4e9da4180"> <a href="/versions/v9/software/S0085/"> S-Type </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-6152c407d01448769ad39d0d3f01d076"> <a href="/versions/v9/software/S0074/"> Sakula </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-d8b854356cb14539b6b613e7c3186d28"> <a href="/versions/v9/software/S0370/"> SamSam </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-bcee0fc4bebc4a85acb57b05b8f201a0"> <a href="/versions/v9/software/S0111/"> schtasks </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-0a9386f7dd60457e945c336059afa9b3"> <a href="/versions/v9/software/S0461/"> SDBbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-c9c3fa1db1e644a7b223d17f3f38760f"> <a href="/versions/v9/software/S0195/"> SDelete </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-4fdc7944b99b4e42856fc8049d0baa65"> <a href="/versions/v9/software/S0053/"> SeaDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-f983f05c988742f8b95fcc1d07ac346f"> <a href="/versions/v9/software/S0345/"> Seasalt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-c909a35768b145c5b78c928c4379697c"> <a href="/versions/v9/software/S0185/"> SEASHARPEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-52727e23d6c44c64a196e60a8e49984c"> <a href="/versions/v9/software/S0382/"> ServHelper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-a872f109703146a4b0d9e22b7fa9f100"> <a href="/versions/v9/software/S0596/"> ShadowPad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-01f3a26d7a4f4dacb01dd0b502bd15cd"> <a href="/versions/v9/software/S0140/"> Shamoon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-5d54439399874fc99c02541fd70664b9"> <a href="/versions/v9/software/S0546/"> SharpStage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-1b90224aaa2540a3895cb354d056a386"> <a href="/versions/v9/software/S0450/"> SHARPSTATS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-80d7e92bf75d4d45b6c024bd7ead1cc3"> <a href="/versions/v9/software/S0294/"> ShiftyBug </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-55dbab27a2314d1f9985a1eeeb72065d"> <a href="/versions/v9/software/S0444/"> ShimRat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-3ed080aa09f34b0da33f4fc83fcf507e"> <a href="/versions/v9/software/S0445/"> ShimRatReporter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-545577c2e50b471491533e4edc550a05"> <a href="/versions/v9/software/S0028/"> SHIPSHAPE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-5394b8427e8d45dabc231338cf8adbab"> <a href="/versions/v9/software/S0063/"> SHOTPUT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-9ebe30d5a3f04a0692e9bdb596e25ae2"> <a href="/versions/v9/software/S0217/"> SHUTTERSPEED </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-acb11ef1550e47598904f5076b4b5ea0"> <a href="/versions/v9/software/S0589/"> Sibot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-d667077ff4e24e319173e3d09713d478"> <a href="/versions/v9/software/S0549/"> SilkBean </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-dbc487142b8f4d88aa76b9909628e237"> <a href="/versions/v9/software/S0419/"> SimBad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-1518b6b3fc2f4fada42918c8d71c4c3c"> <a href="/versions/v9/software/S0007/"> Skeleton Key </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-4b55bdcd98624f83837778868f3096db"> <a href="/versions/v9/software/S0468/"> Skidmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-ec3d0ebce4254daa90d337b7ba3571a6"> <a href="/versions/v9/software/S0327/"> Skygofree </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-16a2a9044f004b139e034a223b8540f6"> <a href="/versions/v9/software/S0533/"> SLOTHFULMEDIA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-01c63e07064349fcbc8c1c88f519a938"> <a href="/versions/v9/software/S0218/"> SLOWDRIFT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-dc198740f2d94484af9a1d5505e8ef59"> <a href="/versions/v9/software/S0226/"> Smoke Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-74481046eff346e1974a7e7f0e4fab5a"> <a href="/versions/v9/software/S0159/"> SNUGRIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-b5cde379d3b54ccbaa3fb3a1e8570dff"> <a href="/versions/v9/software/S0273/"> Socksbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-9f1a3fc6ea9743fcb7d10a9193378976"> <a href="/versions/v9/software/S0516/"> SoreFang </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-548bd8cbd2ed424ca926af80c212699d"> <a href="/versions/v9/software/S0157/"> SOUNDBITE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-95e20b4079504fbfb38d71fe492f677b"> <a href="/versions/v9/software/S0035/"> SPACESHIP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-323c20e773614934acee3650115e0f35"> <a href="/versions/v9/software/S0543/"> Spark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-b706daf112a24c94a704ad2493ee60e4"> <a href="/versions/v9/software/S0374/"> SpeakUp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-c48c4de5dde14d5ba98fd078096fba69"> <a href="/versions/v9/software/S0227/"> spwebmember </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-b2a14338c5bf41709bc62a5b178eff49"> <a href="/versions/v9/software/S0324/"> SpyDealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-98f6995dbd6943ee914a923d7d4d936b"> <a href="/versions/v9/software/S0305/"> SpyNote RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-4cb101c759e24b4db2d09d57aeaa787f"> <a href="/versions/v9/software/S0225/"> sqlmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-6f36597c58a64ee398dd795f6f222bfa"> <a href="/versions/v9/software/S0390/"> SQLRat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-e2489e7c9df742d9b9f2e74fcd37781d"> <a href="/versions/v9/software/S0058/"> SslMM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-472a04b1ee2a4ef1839d944c8d494d1c"> <a href="/versions/v9/software/S0188/"> Starloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-2eecda35affa48b38f788ab837008042"> <a href="/versions/v9/software/S0328/"> Stealth Mango </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-0e3dd73036e9463b9628c0b621b1c7ea"> <a href="/versions/v9/software/S0380/"> StoneDrill </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-98b5d6f482224fb29f4323aca6c816f8"> <a href="/versions/v9/software/S0142/"> StreamEx </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-f2a4f1d11a374352a3a87e9ad607bf4f"> <a href="/versions/v9/software/S0491/"> StrongPity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-08e85fc1741c459c9385ef6998c583af"> <a href="/versions/v9/software/S0559/"> SUNBURST </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-d29d56e66e7447e28e40bdb9e74fa1a6"> <a href="/versions/v9/software/S0562/"> SUNSPOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-98c9f44bf41d45c79411c3651b99d679"> <a href="/versions/v9/software/S0578/"> SUPERNOVA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-44e26958502648ae890e46f20c62c34a"> <a href="/versions/v9/software/S0018/"> Sykipot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-e89ead481eab4935a7d255a749c56c02"> <a href="/versions/v9/software/S0242/"> SynAck </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-53ca34c7f5a04b19ada6955481bb3581"> <a href="/versions/v9/software/S0519/"> SYNful Knock </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-a1a848232dae4f7f89408cd9979a0745"> <a href="/versions/v9/software/S0060/"> Sys10 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-ee44814b98514821b0bae9a1cf36d070"> <a href="/versions/v9/software/S0464/"> SYSCON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-7deb103aa3c54bebb99f89553538113d"> <a href="/versions/v9/software/S0096/"> Systeminfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-1a357678b8024f85af86418de4b6e7a9"> <a href="/versions/v9/software/S0098/"> T9000 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-d8fcb654e00b4aeaabe9201a3cdd182a"> <a href="/versions/v9/software/S0011/"> Taidoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-8f9a6ec8e8e24e55b8b360dd9419865a"> <a href="/versions/v9/software/S0586/"> TAINTEDSCRIBE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-61fc867a4867446392bfd85b18fa44e5"> <a href="/versions/v9/software/S0467/"> TajMahal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-3176860488734abe90a1fc7d08ec333f"> <a href="/versions/v9/software/S0329/"> Tangelo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-490904e37b8e4c9b878fe9914b39b650"> <a href="/versions/v9/software/S0057/"> Tasklist </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-67c19529f9df4ca38170275765e797be"> <a href="/versions/v9/software/S0164/"> TDTESS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-b80db1c7728142c28270168205aa00b5"> <a href="/versions/v9/software/S0560/"> TEARDROP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-34ef4cae4c7c483983d402055ccb3c02"> <a href="/versions/v9/software/S0545/"> TERRACOTTA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-0d7ccab9f5a34f87b2c6b8e0d2c1e93f"> <a href="/versions/v9/software/S0146/"> TEXTMATE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-d9f9d047e4a74fc3abbd97f5ff90c380"> <a href="/versions/v9/software/S0595/"> ThiefQuest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-2383282c4c50465b883c8194d1f4b0f7"> <a href="/versions/v9/software/S0558/"> Tiktok Pro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-d6e3c98e52444ecf8b2dc4dda2637543"> <a href="/versions/v9/software/S0131/"> TINYTYPHON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-302e64ce1d7841cb946cdc2553a1f110"> <a href="/versions/v9/software/S0004/"> TinyZBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-be0fe600775047f4a170946bf709b54f"> <a href="/versions/v9/software/S0183/"> Tor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-0d1a2fc569b44d64982dd46689f42e8a"> <a href="/versions/v9/software/S0424/"> Triada </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-2e7ef33c492f4b33ae1dda162c91a720"> <a href="/versions/v9/software/S0266/"> TrickBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-b8d5d5c5582644008526787eaa15f1ec"> <a href="/versions/v9/software/S0427/"> TrickMo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-1e2f6ff87c1b430da45f35525599d318"> <a href="/versions/v9/software/S0307/"> Trojan-SMS.AndroidOS.Agent.ao </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-691eebd166a44ff1946a8f105c238ebe"> <a href="/versions/v9/software/S0306/"> Trojan-SMS.AndroidOS.FakeInst.a </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-cc1d5d39020a41cc888fce098c17b97a"> <a href="/versions/v9/software/S0308/"> Trojan-SMS.AndroidOS.OpFake.a </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-7af8eca0765a44c88b2ad88f4aab80cc"> <a href="/versions/v9/software/S0094/"> Trojan.Karagany </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-9779b768ef5c4124ae91412fa50c2fd7"> <a href="/versions/v9/software/S0001/"> Trojan.Mebromi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-282f499a654c4c85840ac62568502153"> <a href="/versions/v9/software/S0178/"> Truvasys </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-fd3b52ec0c2c4a16b9e08d15dabfc35a"> <a href="/versions/v9/software/S0436/"> TSCookie </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-943771414962416d911cf963c66b4749"> <a href="/versions/v9/software/S0199/"> TURNEDUP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-813def908b244b4a94e1834eb7a350f1"> <a href="/versions/v9/software/S0302/"> Twitoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="15aa0ca24b1f4115a3ec8a114cf45759-b0a00ee9448642a580b7effa8c12e6c0"> <a href="/versions/v9/software/S0263/"> TYPEFRAME </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="77e4f19870be4252a0de8a84c11b4ee1"> <span>U-V</span> <div class="expand-button collapsed" id="77e4f19870be4252a0de8a84c11b4ee1-header" data-toggle="collapse" data-target="#77e4f19870be4252a0de8a84c11b4ee1-body" aria-expanded="false" aria-controls="#77e4f19870be4252a0de8a84c11b4ee1-body"></div> </div> <div class="sidenav-body collapse" id="77e4f19870be4252a0de8a84c11b4ee1-body" aria-labelledby="77e4f19870be4252a0de8a84c11b4ee1-header"> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-43e43427743a49b9828a5b8d322dc275"> <a href="/versions/v9/software/S0116/"> UACMe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-d6ae64d8c61543579d5167f4719c3287"> <a href="/versions/v9/software/S0333/"> UBoatRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-a4dcfce6e57f478e8c4571d85789897b"> <a href="/versions/v9/software/S0221/"> Umbreon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-23436e3c6e4e43fdba5e718b42220d62"> <a href="/versions/v9/software/S0130/"> Unknown Logger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-8e32f4628e984236b076fb6794199a24"> <a href="/versions/v9/software/S0275/"> UPPERCUT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-912abd85faee4bc88b2221d308893f91"> <a href="/versions/v9/software/S0022/"> Uroburos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-e6de7b31fc504ea8b22d1642a022a149"> <a href="/versions/v9/software/S0386/"> Ursnif </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-6cdae87bbddc4f7cac03296202d72112"> <a href="/versions/v9/software/S0452/"> USBferry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-84ffddf95e264244b31c48ef02de69f7"> <a href="/versions/v9/software/S0136/"> USBStealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-9dc2dc0c9a9a4f9a870757b67fd00fc5"> <a href="/versions/v9/software/S0476/"> Valak </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-94dab4452e6d4d05938a4725574980f1"> <a href="/versions/v9/software/S0207/"> Vasport </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-8786aae2da804a1e913848ceb6842d7a"> <a href="/versions/v9/software/S0442/"> VBShower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-eaaaba953cdf432caa8dcee6515ba34a"> <a href="/versions/v9/software/S0257/"> VERMIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-419191f6ce5b4d488727b1891de51122"> <a href="/versions/v9/software/S0418/"> ViceLeaker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-5f659086bae54408b26fa129d97d37ec"> <a href="/versions/v9/software/S0506/"> ViperRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="77e4f19870be4252a0de8a84c11b4ee1-f580c77dfe3f4daf85e6330bfe594edf"> <a href="/versions/v9/software/S0180/"> Volgmer </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="55d438137efb45b2a8ab34a3e319980b"> <span>W-X</span> <div class="expand-button collapsed" id="55d438137efb45b2a8ab34a3e319980b-header" data-toggle="collapse" data-target="#55d438137efb45b2a8ab34a3e319980b-body" aria-expanded="false" aria-controls="#55d438137efb45b2a8ab34a3e319980b-body"></div> </div> <div class="sidenav-body collapse" id="55d438137efb45b2a8ab34a3e319980b-body" aria-labelledby="55d438137efb45b2a8ab34a3e319980b-header"> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-700c9c47465c43cdab6c1ce6bd9c1dd8"> <a href="/versions/v9/software/S0366/"> WannaCry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-a768f763025947258e6c29d2e8d4081f"> <a href="/versions/v9/software/S0579/"> Waterbear </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-7c804ba0883a4eeebc8e997ad633efdf"> <a href="/versions/v9/software/S0109/"> WEBC2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-b3c2103e0e694da0a58d3f80887a55f1"> <a href="/versions/v9/software/S0515/"> WellMail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-5c415dc7c7fe46e399218f643eefd0c1"> <a href="/versions/v9/software/S0514/"> WellMess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-1126f71fede44e248bf58f0808c61eac"> <a href="/versions/v9/software/S0206/"> Wiarp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-5c302499f1964d518a04679075b6017d"> <a href="/versions/v9/software/S0005/"> Windows Credential Editor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-322e2caf814c4e5ebf535247daacecda"> <a href="/versions/v9/software/S0155/"> WINDSHIELD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-40ac3a659af24593a82a7d2adf125dfd"> <a href="/versions/v9/software/S0466/"> WindTail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-9b37411796514207a5fce16dfbc50eeb"> <a href="/versions/v9/software/S0219/"> WINERACK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-3087e3820f234d3182240772f94f006d"> <a href="/versions/v9/software/S0191/"> Winexe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-81a16b302f0b47f9a74e65ceac8093ce"> <a href="/versions/v9/software/S0176/"> Wingbird </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-7603c9cd4b58423dac33dc67152a3a08"> <a href="/versions/v9/software/S0059/"> WinMM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-0242b9ed2b7b4188bfde9875cacff24c"> <a href="/versions/v9/software/S0430/"> Winnti for Linux </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-80aed80f3f1f4495893e0fbd29798e6e"> <a href="/versions/v9/software/S0141/"> Winnti for Windows </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-eab80861027d45c59c02b1bb4d68a41a"> <a href="/versions/v9/software/S0041/"> Wiper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-6ed7b149839f49c6bb1047d4f419f66f"> <a href="/versions/v9/software/S0312/"> WireLurker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-2c0ca6604e37439d843b5c9af0d887eb"> <a href="/versions/v9/software/S0489/"> WolfRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-b725ef00df2a46c0abda20bd4fec1d02"> <a href="/versions/v9/software/S0314/"> X-Agent for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-5aa24b597dd544d3a9396643988afc71"> <a href="/versions/v9/software/S0161/"> XAgentOSX </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-b88905a73aee4963bcbf00678bb4d4ce"> <a href="/versions/v9/software/S0341/"> Xbash </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-eb4f8b9a090446bdab68741ac3a491a9"> <a href="/versions/v9/software/S0298/"> Xbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-889991f3d20a4164a81259a419ef1930"> <a href="/versions/v9/software/S0123/"> xCmd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-1896d41242324c059e40bac0ee3a64d1"> <a href="/versions/v9/software/S0297/"> XcodeGhost </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-a5fad0a88f2148d79f29eadad968eff9"> <a href="/versions/v9/software/S0318/"> XLoader for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-3e2b327de8ef418a84640cb872e674ee"> <a href="/versions/v9/software/S0490/"> XLoader for iOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="55d438137efb45b2a8ab34a3e319980b-800b43f387e94cc0a1da9b53eda1eba0"> <a href="/versions/v9/software/S0117/"> XTunnel </a> </div> </div> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="4fd897e7588447a2a2622250f2b7755b"> <span>Y-Z</span> <div class="expand-button collapsed" id="4fd897e7588447a2a2622250f2b7755b-header" data-toggle="collapse" data-target="#4fd897e7588447a2a2622250f2b7755b-body" aria-expanded="false" aria-controls="#4fd897e7588447a2a2622250f2b7755b-body"></div> </div> <div class="sidenav-body collapse" id="4fd897e7588447a2a2622250f2b7755b-body" aria-labelledby="4fd897e7588447a2a2622250f2b7755b-header"> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-7ba0d36f96844fab8bca01f9245277b4"> <a href="/versions/v9/software/S0388/"> YAHOYAH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-d0c50e5480f64fb2a80d99230b360648"> <a href="/versions/v9/software/S0311/"> YiSpecter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-cc980bf115dc4d1f82d6ec873933aca6"> <a href="/versions/v9/software/S0248/"> yty </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-d1df68c14ceb425d9ac54e0d57be9016"> <a href="/versions/v9/software/S0251/"> Zebrocy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-881d59775df74bf98fe38a32cf3a1b8c"> <a href="/versions/v9/software/S0494/"> Zen </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-36c9677d75074742a54558d001d57f23"> <a href="/versions/v9/software/S0287/"> ZergHelper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-fb940d1e2ba941da86bcc8b80a19080f"> <a href="/versions/v9/software/S0027/"> Zeroaccess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-5db84952c85b413d9d2bf7fa4831d11a"> <a href="/versions/v9/software/S0230/"> ZeroT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-1dacedbe178c47858f279515adf022b3"> <a href="/versions/v9/software/S0330/"> Zeus Panda </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-140b30c9da1b46539712f639a365ef4a"> <a href="/versions/v9/software/S0086/"> ZLib </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-7f953f79d6fa4d6c8b3856712508f25c"> <a href="/versions/v9/software/S0350/"> zwShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head" id="4fd897e7588447a2a2622250f2b7755b-18672cae57a442d6a5895c5abd2d1761"> <a href="/versions/v9/software/S0412/"> ZxShell </a> </div> </div> </div> </div> </div> <!--start-indexing-for-search--> </div> <div class="tab-content col-xl-10 col-lg-9 col-md-9 pt-4" id="v-tabContent"> <div class="tab-pane fade show active" id="v-attckmatrix" role="tabpanel" aria-labelledby="v-attckmatrix-tab"> <ol class="breadcrumb"> <li class="breadcrumb-item"><a href="/versions/v9/">Home</a></li> <li class="breadcrumb-item"><a href="/versions/v9/software/">Software</a></li> <li class="breadcrumb-item">Astaroth</li> </ol> <div class="tab-pane fade show active" id="v-" role="tabpanel" aria-labelledby="v--tab"></div> <div class="row"> <div class="col-xl-12"> <div class="jumbotron jumbotron-fluid"> <div class="container-fluid"> <h1> Astaroth </h1> <div class="row"> <div class="col-md-8"> <div class="description-body"> <p><a href="/versions/v9/software/S0373">Astaroth</a> is a Trojan and information stealer known to affect companies in Europe, Brazil, and throughout Latin America. It has been known publicly since at least late 2017. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </div> </div> <div class="col-md-4"> <div class="card"> <div class="card-body"> <div id="card-id" class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">ID: </span>S0373 </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"> <span data-toggle="tooltip" data-placement="left" title="" data-test-ignore="true" data-original-title="Names that have overlapping reference to a software entry and may refer to the same or similar software in threat intelligence reporting">ⓘ</span> </div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Associated Software</span>: Guildma </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"> <span data-toggle="tooltip" data-placement="left" title="" data-test-ignore="true" data-original-title="This software is commercial, custom closed source, or open source software intended to be used for malicious purposes by adversaries">ⓘ</span> </div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Type</span>: MALWARE </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"> <span data-toggle="tooltip" data-placement="left" title="" data-test-ignore="true" data-original-title="The system an adversary is operating within; could be an operating system or application">ⓘ</span> </div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Platforms</span>: Windows </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Contributors</span>: Carlos Borges, @huntingneo, CIP </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Version</span>: 2.0 </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Created: </span>17 April 2019 </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Last Modified: </span>08 December 2020 </div> </div> </div> </div> <div class="text-center pt-2 version-button permalink"> <div class="live"> <a data-toggle="tooltip" data-placement="bottom" title="Permalink to this version of S0373" href="/versions/v9/software/S0373/" data-test-ignore="true">Version Permalink</a> </div> <div class="permalink"> <a data-toggle="tooltip" data-placement="bottom" title="Go to the live version of S0373" href="/software/S0373/" data-test-ignore="true">Live Version</a><!--do not change this line without also changing versions.py--> </div> </div> </div> </div> <h2 class="pt-3" id ="aliasDescription">Associated Software Descriptions</h2> <table class="table table-bordered table-alternate mt-2"> <thead> <tr> <th scope="col">Name</th> <th scope="col">Description</th> </tr> </thead> <tbody> <tr> <td> Guildma </td> <td> <p><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> </tbody> </table> <!--stop-indexing-for-search--> <div class="dropdown h3 mt-3 float-right"> <button class="btn btn-navy dropdown-toggle" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>ATT&CK<sup>®</sup> Navigator Layers</b> </button> <div class="dropdown-menu" aria-labelledby="dropdownMenuButton"> <h6 class="dropdown-header">Enterprise Layer</h6> <a class="dropdown-item" href="/versions/v9/software/S0373/S0373-enterprise-layer.json" download target="_blank">download</a> <!-- only show view on navigator link if layer link is defined --> <a class="dropdown-item" href="#" id="view-layer-on-navigator-enterprise" target="_blank">view <img width="10" src="/versions/v9/theme/images/external-site-dark.jpeg"></a> <script src="/versions/v9/theme/scripts/settings.js"></script> <script> if (window.location.protocol == "https:") { //view on navigator only works when this site is hosted on HTTPS layerURL = window.location.protocol + "//" + window.location.host + base_url + "software/S0373/S0373-enterprise-layer.json"; document.getElementById("view-layer-on-navigator-enterprise").href = "https://mitre-attack.github.io/attack-navigator//#layerURL=" + encodeURIComponent(layerURL); } else { //hide button document.getElementById("view-layer-on-navigator-enterprise").classList.add("d-none"); } </script> </div> </div> <!--start-indexing-for-search--> <h2 class="pt-3" id="techniques">Techniques Used</h2> <table class="table techniques-used table-bordered mt-2"> <thead> <tr> <th class="p-2" scope="col">Domain</th> <th class="p-2" colspan="2">ID</th> <th class="p-2" scope="col">Name</th> <th class="p-2" scope="col">Use</th> </tr> </thead> <tbody> <tr class="sub technique noparent" id="uses-T1547-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1547">T1547</a> </td> <td> <a href="/versions/v9/techniques/T1547/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1547">Boot or Logon Autostart Execution</a>: <a href="/versions/v9/techniques/T1547/001">Registry Run Keys / Startup Folder</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> creates a startup item for persistence. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1547-009"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1547/009">.009</a> </td> <td> <a href="/versions/v9/techniques/T1547">Boot or Logon Autostart Execution</a>: <a href="/versions/v9/techniques/T1547/009">Shortcut Modification</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a>'s initial payload is a malicious .LNK file. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span><span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1115"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1115">T1115</a> </td> <td> <a href="/versions/v9/techniques/T1115">Clipboard Data</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> collects information from the clipboard by using the OpenClipboard() and GetClipboardData() libraries. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1059-003"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1059">T1059</a> </td> <td> <a href="/versions/v9/techniques/T1059/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1059">Command and Scripting Interpreter</a>: <a href="/versions/v9/techniques/T1059/003">Windows Command Shell</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> spawns a CMD process to execute commands. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1059-005"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1059/005">.005</a> </td> <td> <a href="/versions/v9/techniques/T1059">Command and Scripting Interpreter</a>: <a href="/versions/v9/techniques/T1059/005">Visual Basic</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> has used malicious VBS e-mail attachments for execution.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1059-007"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1059/007">.007</a> </td> <td> <a href="/versions/v9/techniques/T1059">Command and Scripting Interpreter</a>: <a href="/versions/v9/techniques/T1059/007">JavaScript</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses JavaScript to perform its core functionalities. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1555"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1555">T1555</a> </td> <td> <a href="/versions/v9/techniques/T1555">Credentials from Password Stores</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses an external software known as NetPass to recover passwords. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1132-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1132">T1132</a> </td> <td> <a href="/versions/v9/techniques/T1132/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1132">Data Encoding</a>: <a href="/versions/v9/techniques/T1132/001">Standard Encoding</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> encodes data using Base64 before sending it to the C2 server. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1074-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1074">T1074</a> </td> <td> <a href="/versions/v9/techniques/T1074/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1074">Data Staged</a>: <a href="/versions/v9/techniques/T1074/001">Local Data Staging</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> collects data in a plaintext file named r1.log before exfiltration. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1140"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1140">T1140</a> </td> <td> <a href="/versions/v9/techniques/T1140">Deobfuscate/Decode Files or Information</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses a fromCharCode() deobfuscation method to avoid explicitly writing execution commands and to hide its code. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1568-002"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1568">T1568</a> </td> <td> <a href="/versions/v9/techniques/T1568/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1568">Dynamic Resolution</a>: <a href="/versions/v9/techniques/T1568/002">Domain Generation Algorithms</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> has used a DGA in C2 communications.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1041"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1041">T1041</a> </td> <td> <a href="/versions/v9/techniques/T1041">Exfiltration Over C2 Channel</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> exfiltrates collected information from its r1.log file to the external C2 server. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1564-003"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1564">T1564</a> </td> <td> <a href="/versions/v9/techniques/T1564/003">.003</a> </td> <td> <a href="/versions/v9/techniques/T1564">Hide Artifacts</a>: <a href="/versions/v9/techniques/T1564/003">Hidden Window</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> loads its module with the XSL script parameter <code>vShow</code> set to zero, which opens the application with a hidden window. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1564-004"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1564/004">.004</a> </td> <td> <a href="/versions/v9/techniques/T1564">Hide Artifacts</a>: <a href="/versions/v9/techniques/T1564/004">NTFS File Attributes</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> can abuse alternate data streams (ADS) to store content for malicious payloads.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1574-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1574">T1574</a> </td> <td> <a href="/versions/v9/techniques/T1574/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1574">Hijack Execution Flow</a>: <a href="/versions/v9/techniques/T1574/001">DLL Search Order Hijacking</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> can launch itself via DLL Search Order Hijacking.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1105"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1105">T1105</a> </td> <td> <a href="/versions/v9/techniques/T1105">Ingress Tool Transfer</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses <a href="/versions/v9/software/S0160">certutil</a> and <a href="/versions/v9/software/S0190">BITSAdmin</a> to download additional malware. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span><span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1056-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1056">T1056</a> </td> <td> <a href="/versions/v9/techniques/T1056/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1056">Input Capture</a>: <a href="/versions/v9/techniques/T1056/001">Keylogging</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> logs keystrokes from the victim's machine. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1027"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1027">T1027</a> </td> <td> <a href="/versions/v9/techniques/T1027">Obfuscated Files or Information</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> obfuscates its JScript code, and has used an XOR-based algorithm to encrypt payloads twice with different keys.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1027-002"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1027/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1027/002">Software Packing</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses a software packer called Pe123\RPolyCryptor.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1598-002"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1598">T1598</a> </td> <td> <a href="/versions/v9/techniques/T1598/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1598">Phishing for Information</a>: <a href="/versions/v9/techniques/T1598/002">Spearphishing Attachment</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> has been delivered via malicious e-mail attachments.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1057"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1057">T1057</a> </td> <td> <a href="/versions/v9/techniques/T1057">Process Discovery</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> searches for different processes on the system.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1055-012"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1055">T1055</a> </td> <td> <a href="/versions/v9/techniques/T1055/012">.012</a> </td> <td> <a href="/versions/v9/techniques/T1055">Process Injection</a>: <a href="/versions/v9/techniques/T1055/012">Process Hollowing</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> can create a new process in a suspended state from a targeted legitimate process in order to unmap its memory and replace it with malicious code.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1129"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1129">T1129</a> </td> <td> <a href="/versions/v9/techniques/T1129">Shared Modules</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses the LoadLibraryExW() function to load additional modules. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1218-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1218">T1218</a> </td> <td> <a href="/versions/v9/techniques/T1218/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1218">Signed Binary Proxy Execution</a>: <a href="/versions/v9/techniques/T1218/001">Compiled HTML File</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses ActiveX objects for file execution and manipulation. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="sub technique" id="uses-T1218-010"> <td></td> <td></td> <td> <a href="/versions/v9/techniques/T1218/010">.010</a> </td> <td> <a href="/versions/v9/techniques/T1218">Signed Binary Proxy Execution</a>: <a href="/versions/v9/techniques/T1218/010">Regsvr32</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> can be loaded through regsvr32.exe.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1518-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1518">T1518</a> </td> <td> <a href="/versions/v9/techniques/T1518/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1518">Software Discovery</a>: <a href="/versions/v9/techniques/T1518/001">Security Software Discovery</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> checks for the presence of Avast antivirus in the <code>C:\Program\Files\</code> folder. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1082"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1082">T1082</a> </td> <td> <a href="/versions/v9/techniques/T1082">System Information Discovery</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> collects the machine name and keyboard language from the system. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span><span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1016"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1016">T1016</a> </td> <td> <a href="/versions/v9/techniques/T1016">System Network Configuration Discovery</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> collects the external IP address from the system. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1124"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1124">T1124</a> </td> <td> <a href="/versions/v9/techniques/T1124">System Time Discovery</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> collects the timestamp from the infected machine. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1552"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1552">T1552</a> </td> <td> <a href="/versions/v9/techniques/T1552">Unsecured Credentials</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses an external software known as NetPass to recover passwords. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1204-002"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1204">T1204</a> </td> <td> <a href="/versions/v9/techniques/T1204/002">.002</a> </td> <td> <a href="/versions/v9/techniques/T1204">User Execution</a>: <a href="/versions/v9/techniques/T1204/002">Malicious File</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> has used malicious files including VBS, LNK, and HTML for execution.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1497-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1497">T1497</a> </td> <td> <a href="/versions/v9/techniques/T1497/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1497">Virtualization/Sandbox Evasion</a>: <a href="/versions/v9/techniques/T1497/001">System Checks</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> can check for Windows product ID's used by sandboxes and usernames and disk serial numbers associated with analyst environments.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="sub technique noparent" id="uses-T1102-001"> <td> Enterprise </td> <td> <a href="/versions/v9/techniques/T1102">T1102</a> </td> <td> <a href="/versions/v9/techniques/T1102/001">.001</a> </td> <td> <a href="/versions/v9/techniques/T1102">Web Service</a>: <a href="/versions/v9/techniques/T1102/001">Dead Drop Resolver</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> can store C2 information on cloud hosting services such as AWS and CloudFlare and websites like YouTube and Facebook.<span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Securelist Brazilian Banking Malware July 2020"><sup><a href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1047"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1047">T1047</a> </td> <td> <a href="/versions/v9/techniques/T1047">Windows Management Instrumentation</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> uses WMIC to execute payloads. <span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Cofense Astaroth Sept 2018"><sup><a href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a></sup></span></p> </td> </tr> <tr class="technique" id="uses-T1220"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v9/techniques/T1220">T1220</a> </td> <td> <a href="/versions/v9/techniques/T1220">XSL Script Processing</a> </td> <td> <p><a href="/versions/v9/software/S0373">Astaroth</a> executes embedded JScript or VBScript in an XSL stylesheet located on a remote domain. <span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Cybereason Astaroth Feb 2019"><sup><a href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a></sup></span></p> </td> </tr> </tbody> </table> <h2 class="pt-3" id="references">References</h2> <div class="row"> <div class="col"> <ol> <li> <span id="scite-1" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-1" href="https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil-full-research" target="_blank"> Salem, E. (2019, February 13). ASTAROTH MALWARE USES LEGITIMATE OS AND ANTIVIRUS PROCESSES TO STEAL PASSWORDS AND PERSONAL DATA. Retrieved April 17, 2019. </a> </span> </span> </li> <li> <span id="scite-2" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-2" href="https://cofense.com/seeing-resurgence-demonic-astaroth-wmic-trojan/" target="_blank"> Doaty, J., Garrett, P.. (2018, September 10). We鈥檙e Seeing a Resurgence of the Demonic Astaroth WMIC Trojan. Retrieved April 17, 2019. </a> </span> </span> </li> </ol> </div> <div class="col"> <ol start="3.0"> <li> <span id="scite-3" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-3" href="https://securelist.com/the-tetrade-brazilian-banking-malware/97779/" target="_blank"> GReAT. (2020, July 14). The Tetrade: Brazilian banking malware goes global. Retrieved November 9, 2020. </a> </span> </span> </li> </ol> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <!--stop-indexing-for-search--> <div class="overlay search" id="search-overlay" style="display: none;"> <div class="overlay-inner"> <!-- text input for searching --> <div class="search-header"> <div class="search-input"> <input type="text" id="search-input" placeholder="search"> </div> <div class="search-icons"> <div class="search-parsing-icon spinner-border" style="display: none" id="search-parsing-icon"></div> <div class="close-search-icon" id="close-search-icon">×</div> </div> </div> <!-- results and controls for loading more results --> <div id="search-body" class="search-body"> <div class="results" id="search-results"> <!-- content will be appended here on search --> </div> <div id="load-more-results" class="load-more-results"> <button class="btn btn-default" id="load-more-results-button">load more results</button> </div> </div> </div> </div> </div> <footer class="footer p-3"> <div class="container-fluid"> <div class="row"> <div class="col-4 col-sm-4 col-md-3"> <div class="footer-center-responsive my-auto"> <a href="https://www.mitre.org" target="_blank" rel="noopener" aria-label="MITRE"> <img src="/versions/v9/theme/images/mitrelogowhiteontrans.gif" class="mitre-logo-wtrans"> </a> </div> </div> <div class="col-2 col-sm-2 footer-responsive-break"></div> <div class="col-6 col-sm-6 text-center"> <p> 漏 2015-2021, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation. </p> <div class="row"> <div class="col text-right"> <small> <a href="/versions/v9/resources/privacy" class="footer-link">Privacy Policy</a> </small> </div> <div class="col text-center"> <small> <a href="/versions/v9/resources/terms-of-use" class="footer-link">Terms of Use</a> </small> </div> <div class="col text-left "> <small> <a href="/versions/v9/resources/changelog.html" class="footer-link" data-toggle="tooltip" data-placement="top" title="ATT&CK content version 9.0
Website version 3.3.1">ATT&CK v9.0</a> </small> </div> </div> </div> <div class="w-100 p-2 footer-responsive-break"></div> <div class="col"> <div class="footer-float-right-responsive-brand"> <div class="mb-1"> <a href="https://twitter.com/MITREattack" class="btn btn-primary w-100"> <!-- <i class="fa fa-twitter"></i> --> <img src="/versions/v9/theme/images/twitter.png" class="mr-1 twitter-icon"> <b>@MITREattack</b> </a> </div> <div class=""> <a href="/versions/v9/contact" class="btn btn-primary w-100"> Contact </a> </div> </div> </div> </div> </div> </div> </footer> </div> <!--SCRIPTS--> <script src="/versions/v9/theme/scripts/jquery-3.5.1.min.js"></script> <script src="/versions/v9/theme/scripts/popper.min.js"></script> <script src="/versions/v9/theme/scripts/bootstrap.bundle.min.js"></script> <script src="/versions/v9/theme/scripts/site.js"></script> <script src="/versions/v9/theme/scripts/flexsearch.es5.js"></script> <script src="/versions/v9/theme/scripts/localforage.min.js"></script> <script src="/versions/v9/theme/scripts/settings.js?4534"></script> <script src="/versions/v9/theme/scripts/search_babelized.js"></script> <!--SCRIPTS--> <script src="/versions/v9/theme/scripts/navigation.js"></script> <script src="/versions/v9/theme/scripts/bootstrap-tourist.js"></script> <script src="/versions/v9/theme/scripts/settings.js"></script> <script src="/versions/v9/theme/scripts/tour/tour-relationships.js"></script> </body> </html>