comfy_mtb

Yara Scan Results

Generated on 2024-07-14 08:45:56

Passed Tests

teabot
flubot
hacktools
plugx_mustang_panda
crylock_20210706
systembc
vatet_loader
icedid_20210507
jpcertcc-malconfscan-rule
t5000
imuler
pubsab
surtr
favorite
safenet
lurk0+cctv0
luckycat
quarian
warp
glasses
naspyupdate
comfoo
9002
xtreme
remote
cxpid
UP007
scarhikn
rooter
rookie
plugx
wimmie
vidgrab
malware-families
fakem
keyboy
naikon
boouset
nettraveler
regsubdat
nsfree
mongal
cookies
maccontrol
iexpl0re
yayih
msattacker
mirage
3102
ezcob
olyx
bangat
enfal
insta11
payloads
filetypes
oleidentifiers
steganography
engwultimate
bitrat_unpacked
megacortex
remcos
frat
formbook
blackremote_blackrat
netwire
agent_tesla
azorult_plus_plus
wsh_rat
nanocore
darktrack_rat
metamorfo
ave_maria_warzone_rat
dcrat
asyncrat
redline
lockergoga
venomrat
infostealers
parallax_rat
ursnif_gozi_isfb
kleptoparasite
quasarrat
poshc2_apt_33
dtrack_lazarus_group
micropsia_apt_c_23
powerton_apt_33
eicar
ransomware_windows_lazarus_wannacry
ransomware_windows_zcrypt
ransomware_windows_cryptolocker
ransomware_windows_HDDCryptorA
ransomware_windows_petya_variant_3
ransomware_windows_petya_variant_1
ransomware_windows_petya_variant_bitcoin
ransomware_windows_cerber_evasion
ransomware_windows_hydracrypt
ransomware_windows_powerware_locky
ransomware_windows_petya_variant_2
ransomware_windows_wannacry
hacktool_multi_jtesta_ssh_mitm
hacktool_multi_ntlmrelayx
hacktool_multi_masscan
hacktool_multi_bloodhound_owned
hacktool_multi_pyrasite_py
hacktool_multi_ncc_ABPTTS
hacktool_multi_responder_py
hacktool_macos_exploit_tpwn
hacktool_macos_keylogger_logkext
hacktool_macos_keylogger_giacomolaw
hacktool_macos_n0fate_chainbreaker
hacktool_macos_exploit_cve_2015_5889
hacktool_macos_keylogger_eldeveloper_keystats
hacktool_macos_manwhoami_mmetokendecrypt
hacktool_macos_keylogger_skreweverything_swift
hacktool_macos_juuso_keychaindump
hacktool_macos_keylogger_caseyscarborough
hacktool_macos_keylogger_b4rsby_swiftlog
hacktool_macos_manwhoami_icloudcontacts
hacktool_macos_keylogger_roxlu_ofxkeylogger
hacktool_macos_macpmem
hacktool_macos_ptoomey3_keychain_dumper
hacktool_macos_manwhoami_osxchromedecrypt
hacktool_macos_keylogger_dannvix
hacktool_windows_cobaltstrike_template
hacktool_windows_cobaltstrike_postexploitation
hacktool_windows_mimikatz_sekurlsa
hacktool_windows_ncc_wmicmd
hacktool_windows_mimikatz_modules
hacktool_windows_mimikatz_errors
hacktool_windows_cobaltstrike_beacon
hacktool_windows_wmi_implant
hacktool_windows_cobaltstrike_powershell
hacktool_windows_rdp_cmd_delivery
hacktool_windows_cobaltstrike_artifact
hacktool_windows_mimikatz_copywrite
hacktool_windows_moyix_creddump
hacktool_windows_mimikatz_files
hacktool_windows_hot_potato
MachO
malware_multi_vesche_basicrat
malware_multi_pupy_rat
malware_macos_bella
malware_macos_neoneggplant_eggshell
malware_macos_macspy
malware_macos_marten4n6_evilosx
malware_macos_apt_sofacy_xagent
malware_macos_proton_rat_generic
malware_windows_moonlightmaze_encrypted_keyloger
malware_windows_pony_stealer
malware_windows_apt_whitebear_binary_loader_3
malware_windows_moonlightmaze_IRIX_exploit_GEN
malware_windows_moonlightmaze_loki
malware_windows_winnti_loadperf_dll_loader
malware_windows_apt_whitebear_binary_loader_2
malware_windows_moonlightmaze_loki2crypto
malware_windows_remcos_rat
malware_windows_apt_red_leaves_generic
malware_windows_moonlightmaze_wipe
malware_windows_moonlightmaze_u_logcleaner
malware_windows_ccleaner_backdoor
malware_windows_moonlightmaze_de_tool
malware_windows_moonlightmaze_cle_tool
malware_windows_moonlightmaze_custom_sniffer
malware_windows_t3ntman_crunchrat
malware_windows_apt_whitebear_binary_loader_1
malware_windows_moonlightmaze_xk_keylogger
malware_windows_xrat_quasarrat
HackTool_PY_ImpacketObfuscation_2
APT_Backdoor_PS1_BASICPIPESHELL_1
CredTheft_Win_EXCAVATOR_1
APT_HackTool_Win64_EXCAVATOR_2
APT_HackTool_Win64_EXCAVATOR_1
CredTheft_Win_EXCAVATOR_2
Trojan_Win64_Generic_22
Trojan_Win64_Generic_23
APT_HackTool_MSIL_SHARPSACK_1
HackTool_PY_ImpacketObfuscation_1
HackTool_MSIL_PXELOOT_2
HackTool_MSIL_PXELOOT_1
APT_HackTool_MSIL_DTRIM_1
Trojan_Raw_Generic_4
Loader_Win_Generic_18
Loader_Win_Generic_17
Trojan_Win_Generic_101
Loader_MSIL_WMIRunner_1
Trojan_Macro_RESUMEPLEASE_1
APT_Loader_MSIL_TRIMBISHOP_1
Loader_MSIL_TrimBishop_1
APT_Loader_MSIL_TRIMBISHOP_2
Loader_MSIL_RuralBishop_3
Loader_MSIL_RURALBISHOP_2
Loader_MSIL_RURALBISHOP_1
HackTool_MSIL_PuppyHound_1
HackTool_MSIL_SharpHound_3
HackTool_MSIL_SAFETYKATZ_4
APT_Loader_Win32_PGF_2
APT_Loader_MSIL_PGF_1
APT_Loader_Win_PGF_1
APT_Loader_Win_PGF_2
APT_Loader_Win32_PGF_5
APT_Loader_Win64_PGF_3
APT_Loader_Win64_PGF_5
APT_Loader_MSIL_PGF_2
APT_Loader_Win64_PGF_2
APT_Loader_Win32_PGF_4
APT_Loader_Win64_PGF_4
APT_Loader_Win32_PGF_1
APT_Loader_Win32_PGF_3
APT_Loader_Win64_PGF_1
HackTool_MSIL_WMISharp_1
HackTool_MSIL_PrepShellcode_1
HackTool_MSIL_Rubeus_1
APT_HackTool_MSIL_GPOHUNT_1
HackTool_MSIL_SharpSchtask_1
HackTool_MSIL_KeePersist_1
HackTool_MSIL_SHARPZEROLOGON_1
Dropper_LNK_LNKSmasher_1
Hunting_LNK_Win_GenericLauncher
APT_Loader_MSIL_LUALOADER_1
APT_HackTool_MSIL_LUALOADER_1
APT_Loader_MSIL_LUALOADER_2
APT_HackTool_MSIL_NOAMCI_1
HackTool_MSIL_GETDOMAINPASSWORDPOLICY_1
CredTheft_MSIL_CredSnatcher_1
APT_HackTool_MSIL_SHARPZIPLIBZIPPER_1
APT_HackTool_MSIL_MODIFIEDSHARPVIEW_1
APT_HackTool_MSIL_REDTEAMMATERIALS_1
APT_HackTool_MSIL_SHARPWEBCRAWLER_1
APT_HackTool_MSIL_SHARPDACL_1
APT_HackTool_MSIL_SHARPNFS_1
CredTheft_MSIL_WCMDump_1
APT_HackTool_MSIL_SHARPNATIVEZIPPER_1
APT_HackTool_MSIL_SHARPTEMPLATE_1
APT_HackTool_MSIL_SHARPGOPHER_1
APT_HackTool_MSIL_SHARPDNS_1
APT_HackTool_MSIL_PRAT_1
APT_HackTool_MSIL_SHARPSQLCLIENT_1
APT_HackTool_MSIL_SHARPPATCHCHECK_1
APT_HackTool_MSIL_DNSOVERHTTPS_C2_1
Loader_MSIL_Generic_1
Loader_Win_Generic_20
Loader_Win_Generic_19
HackTool_MSIL_SharPivot_4
HackTool_MSIL_SharPivot_1
HackTool_MSIL_SharPivot_2
HackTool_MSIL_SharPivot_3
Loader_MSIL_NetshShellCodeRunner_1
Builder_MSIL_SharpGenerator_1
Loader_MSIL_InMemoryCompilation_1
Loader_MSIL_WildChild_1
APT_Loader_MSIL_WILDCHILD_1
Dropper_HTA_WildChild_1
Tool_MSIL_SharpGrep_1
HackTool_MSIL_SEATBELT_1
HackTool_MSIL_SEATBELT_2
Hunting_GadgetToJScript_1
Hunting_B64Engine_DotNetToJScript_Dos
Hunting_DotNetToJScript_Functions
Builder_MSIL_G2JS_1
Tool_MSIL_CSharpUtils_1
HackTool_MSIL_CoreHound_1
Loader_MSIL_DUEDLLIGENCE_1
HackTool_MSIL_HOLSTER_1
Loader_MSIL_DUEDLLIGENCE_3
Loader_MSIL_DUEDLLIGENCE_2
MSIL_Launcher_DUEDLLIGENCE_1
CredTheft_MSIL_ADPassHunt_1
APT_HackTool_MSIL_ADPassHunt_1
CredTheft_MSIL_ADPassHunt_2
APT_HackTool_MSIL_ADPassHunt_2
Loader_MSIL_NETAssemblyInject_1
Loader_MSIL_CSharpSectionInjection_1
APT_Backdoor_Win_GORAT_2
APT_Backdoor_Win_GORAT_5
APT_Backdoor_Win_GORAT_4
Trojan_MSIL_GORAT_Plugin_DOTNET_1
APT_Backdoor_Win_GORAT_1
APT_Backdoor_Win_GoRat_Memory
APT_Backdoor_Win_GORAT_3
APT_Backdoor_MacOS_GORAT_1
Trojan_MSIL_GORAT_Module_PowerShell_1
APT_Loader_Win32_DShell_2
APT_Loader_Win32_DShell_3
APT_Loader_Win32_DShell_1
APT_Backdoor_Win_DShell_3
APT_Backdoor_Win_DShell_1
APT_Backdoor_Win_DShell_2
HackTool_MSIL_WMIspy_1
APT_HackTool_MSIL_WMISPY_2
Loader_MSIL_AllTheThings_1
HackTool_MSIL_KeeFarce_1
APT_Trojan_Win_REDFLARE_2
APT_Loader_Win64_REDFLARE_2
APT_Trojan_Win_REDFLARE_7
APT_Builder_PY_REDFLARE_1
APT_Downloader_Win32_REDFLARE_1
APT_Loader_Win32_REDFLARE_2
APT_Trojan_Win_REDFLARE_1
APT_Loader_Win32_REDFLARE_1
APT_Loader_Raw32_REDFLARE_1
APT_Trojan_Win_REDFLARE_8
APT_Loader_Raw64_REDFLARE_1
APT_Trojan_Win_REDFLARE_5
APT_Keylogger_Win64_REDFLARE_1
APT_Trojan_Win_REDFLARE_4
APT_Builder_PY_REDFLARE_2
APT_Loader_Win64_REDFLARE_1
APT_Controller_Linux_REDFLARE_1
APT_Trojan_Win_REDFLARE_3
APT_Keylogger_Win32_REDFLARE_1
APT_Downloader_Win64_REDFLARE_1
APT_Trojan_Win_REDFLARE_6
APT_Trojan_Linux_REDFLARE_1
APT_HackTool_MSIL_SHARPSTOMP_2
HackTool_MSIL_SharpStomp_1
APT_HackTool_MSIL_SHARPSTOMP_1
CredTheft_MSIL_TitoSpecial_1
HackTool_Win64_AndrewSpecial_1
HackTool_Win32_AndrewSpecial_1
APT_HackTool_MSIL_TITOSPECIAL_1
CredTheft_MSIL_TitoSpecial_2
APT_Loader_MSIL_REVOLVER_1
APT_HackTool_MSIL_REVOLVER_1
Builder_MSIL_SinfulOffice_1
Methodology_OLE_CHARENCODING_2
Loader_MSIL_SharPy_1
APT_HackTool_MSIL_JUSTASK_1
APT_HackTool_MSIL_FLUFFY_2
APT_HackTool_MSIL_FLUFFY_1
HackTool_MSIL_SharPersist_2
HackTool_MSIL_SharPersist_1
HackTool_MSIL_INVEIGHZERO_1
APT_Loader_Win64_MATRYOSHKA_1
APT_Builder_PY_MATRYOSHKA_1
APT_Loader_Win_MATRYOSHKA_1
APT_Builder_Win64_MATRYOSHKA_1
APT_Loader_Win64_MATRYOSHKA_2
APT_Dropper_Win64_MATRYOSHKA_1
APT_Dropper_Win_MATRYOSHKA_1
ft_elf
ft_cab
ft_java_class
ft_pdf
misc_compressed_exe
ft_exe
ft_rtf
ft_macho
ft_tar
ft_ole_cf
ft_swf
ft_office_open_xml
ft_gzip
ft_rar
ft_jar
FakeCheck
XenoRAT
Adwind
Agniane
NagogyGrabber
MortisLocker
Exela
BazaLoader
RisePro
win.winordll64_auto
win.putabmow_auto
win.overlay_rat_auto
win.btcware_auto
win.dented_auto
win.bbsrat_auto
win.colony_auto
win.nabucur_auto
win.mozart_auto
win.graphite_auto
win.windealer_auto
win.anel_auto
win.unidentified_038_auto
win.mirrorkey_auto
win.chches_auto
win.skipper_auto
win.hotcroissant_auto
win.malumpos_auto
win.tiop_auto
win.bazarbackdoor_auto
win.rokrat_auto
win.scanpos_auto
win.dualtoy_auto
win.spedear_auto
win.godlike12_auto
win.acronym_auto
win.neutrino_auto
win.mmon_auto
win.snifula_auto
win.keymarble_auto
win.plurox_auto
osx.pirrit_auto
win.action_rat_auto
win.bhunt_auto
win.mebromi_auto
elf.mirai_auto
win.wmighost_auto
win.pipemon_auto
win.petya_auto
win.trochilus_rat_auto
win.ngioweb_auto
win.diamondfox_auto
win.pngdowner_auto
win.netspy_auto
win.moriya_auto
win.winnti_auto
win.datper_auto
win.elise_auto
win.byeby_auto
win.andardoor_auto
win.screencap_auto
win.mgbot_auto
win.troldesh_auto
win.jimmy_auto
win.godzilla_loader_auto
win.combos_auto
win.zxxz_auto
win.kwampirs_auto
win.padcrypt_auto
win.oni_auto
win.rover_auto
win.unidentified_063_auto
win.satellite_turla_auto
win.romeos_auto
win.balkan_door_auto
osx.retefe_auto
win.finfisher_auto
win.greenshaitan_auto
win.zeus_mailsniffer_auto
win.xxmm_auto
win.avos_locker_auto
win.taidoor_auto
win.subzero_auto
win.gpcode_auto
win.cryptxxxx_auto
win.protonbot_auto
win.lazarus_killdisk_auto
win.turla_rpc_auto
win.flawedgrace_auto
win.heloag_auto
win.crenufs_auto
win.derusbi_auto
win.misfox_auto
win.polyvice_auto
win.grillmark_auto
win.tabmsgsql_auto
win.darkstrat_auto
win.hikit_auto
win.yarat_auto
win.graftor_auto
win.deltastealer_auto
win.unidentified_003_auto
win.blister_auto
win.calmthorn_auto
win.webc2_bolid_auto
win.industrial_spy_auto
win.artfulpie_auto
win.interception_auto
win.solarbot_auto
win.nvisospit_auto
win.rawpos_auto
win.milum_auto
win.unidentified_068_auto
win.taleret_auto
win.atmosphere_auto
win.powerloader_auto
win.emudbot_auto
win.wallyshack_auto
win.proteus_auto
win.apocalipto_auto
win.farseer_auto
win.zerocleare_auto
win.kivars_auto
win.bangat_auto
win.scranos_auto
win.joao_auto
win.outlook_backdoor_auto
win.starsypound_auto
win.bamital_auto
win.skinnyboy_auto
win.hardrain_auto
win.gameover_p2p_auto
win.vegalocker_auto
win.expiro_auto
osx.fruitfly_auto
win.adam_locker_auto
win.ratankba_auto
win.slickshoes_auto
win.zeus_action_auto
win.ripper_atm_auto
win.snslocker_auto
win.pkybot_auto
win.rtpos_auto
win.eyservice_auto
win.rad_auto
win.goggles_auto
win.loup_auto
win.cutwail_auto
osx.laoshu_auto
win.mole_auto
win.unidentified_042_auto
win.postnaptea_auto
win.multigrain_pos_auto
win.whiteblackcrypt_auto
win.zeus_sphinx_auto
win.moonwind_auto
win.doublepulsar_auto
win.xtunnel_auto
win.miniasp_auto
win.bohmini_auto
win.rikamanu_auto
win.darkbit_auto
win.unidentified_081_auto
win.phandoor_auto
win.pupy_auto
win.aperetif_auto
win.chainshot_auto
win.andromeda_auto
elf.bashlite_auto
win.tempedreve_auto
win.rapid_ransom_auto
win.thunker_auto
win.unidentified_069_auto
win.anchormtea_auto
win.eternalrocks_auto
win.cosmicduke_auto
win.unidentified_047_auto
win.chinad_auto
win.dinodas_rat_auto
win.hive_auto
win.lcpdot_auto
win.decaf_auto
win.htbot_auto
win.conficker_auto
win.samsam_auto
win.shadowpad_auto
win.hlux_auto
win.backswap_auto
win.retro_auto
win.backbend_auto
win.strelastealer_auto
win.royalcli_auto
win.redalpha_auto
win.lowkey_auto
win.computrace_auto
win.mapiget_auto
win.murofet_auto
win.moriagent_auto
win.moker_auto
win.brambul_auto
win.hamweq_auto
win.gemcutter_auto
win.n40_auto
win.vendetta_auto
win.matsnu_auto
win.tyupkin_auto
win.cmstar_auto
win.taintedscribe_auto
win.blackbyte_auto
win.netrepser_keylogger_auto
win.unidentified_039_auto
win.sysget_auto
win.miuref_auto
win.flawedammyy_auto
win.unidentified_105_auto
win.fuxsocy_auto
win.pteranodon_auto
win.croxloader_auto
win.domino_auto
win.vapor_rage_auto
win.flying_dutchman_auto
win.khrat_auto
win.murkytop_auto
win.bahamut_auto
osx.hiddenlotus_auto
win.aytoke_auto
win.saint_bot_auto
win.rombertik_auto
osx.gmera_auto
win.remsec_strider_auto
win.neshta_auto
win.ziyangrat_auto
win.doorme_auto
win.athenago_auto
win.chairsmack_auto
win.banpolmex_auto
win.doppelpaymer_auto
win.3cx_backdoor_auto
win.bouncer_auto
win.payloadbin_auto
win.bredolab_auto
win.konni_auto
win.graphdrop_auto
win.strifewater_rat_auto
win.telebot_auto
win.conti_auto
win.dubrute_auto
win.cobint_auto
win.beepservice_auto
win.mylobot_auto
win.wannacryptor_auto
win.unidentified_070_auto
win.babuk_auto
win.cryptowall_auto
win.powerduke_auto
win.unidentified_110_auto
win.listrix_auto
win.hyperssl_auto
win.stormwind_auto
win.mbrlocker_auto
win.koobface_auto
win.exaramel_auto
win.slub_auto
win.ati_agent_auto
win.mongall_auto
win.badcall_auto
win.misdat_auto
win.blackpos_auto
win.qaccel_auto
win.golroted_auto
win.equationdrug_auto
win.merdoor_auto
win.pwnpos_auto
win.bootwreck_auto
elf.persirai_auto
win.zebrocy_auto
win.cherry_picker_auto
win.clambling_auto
win.vreikstadi_auto
win.leouncia_auto
win.hyperbro_auto
win.victorygate_auto
win.rdasrv_auto
win.metamorfo_auto
win.nemim_auto
win.korlia_auto
win.quasar_rat_auto
win.csext_auto
win.jager_decryptor_auto
win.salgorea_auto
win.tokyox_auto
win.chinoxy_auto
win.boxcaon_auto
win.isaacwiper_auto
win.cueisfry_auto
win.wellmess_auto
win.krbanker_auto
win.leakthemall_auto
win.roopirs_auto
win.havoc_auto
win.evilbunny_auto
win.ehdevel_auto
osx.xslcmd_auto
win.atharvan_auto
win.rumish_auto
win.downeks_auto
win.pikabot_auto
win.duqu_auto
win.nullmixer_auto
win.darkmegi_auto
win.usbferry_auto
win.thunderx_auto
win.poohmilk_auto
win.karagany_auto
win.qhost_auto
win.silon_auto
win.gh0sttimes_auto
win.pittytiger_rat_auto
win.cuegoe_auto
win.tigerlite_auto
win.kuaibu8_auto
win.kronos_auto
win.unidentified_087_auto
win.ransomlock_auto
win.radamant_auto
win.rockloader_auto
win.crat_auto
win.dircrypt_auto
win.gibberish_auto
win.divergent_auto
win.darkpink_auto
win.bagle_auto
win.valuevault_auto
win.vskimmer_auto
win.pykspa_auto
win.miancha_auto
win.scote_auto
win.hazy_load_auto
win.mocton_auto
win.floxif_auto
win.mirai_auto
win.tefosteal_auto
win.godoh_auto
win.moure_auto
win.sarhust_auto
win.owlproxy_auto
win.geminiduke_auto
win.proto8_rat_auto
win.sysraw_stealer_auto
win.fudmodule_auto
win.darkcloud_auto
win.hunter_auto
win.webc2_kt3_auto
win.aldibot_auto
win.htran_auto
win.satana_auto
win.telb_auto
win.glooxmail_auto
win.ayegent_auto
win.tarsip_auto
win.snake_auto
osx.bella_auto
osx.mokes_auto
win.soul_auto
win.xiangoop_auto
win.ransomexx_auto
win.pony_auto
win.phobos_auto
win.play_auto
win.lurk_auto
win.clipog_auto
win.makloader_auto
win.kimsuky_auto
win.shylock_auto
win.radrat_auto
win.xsplus_auto
win.dorshel_auto
win.unidentified_096_auto
win.unidentified_053_auto
win.heyoka_auto
win.unidentified_099_auto
win.unidentified_109_auto
win.herpes_auto
win.ransoc_auto
win.bitsran_auto
win.newbounce_auto
win.nexster_bot_auto
win.playwork_auto
win.wannahusky_auto
win.madmax_auto
win.chaperone_auto
win.rook_auto
win.cohhoc_auto
win.zenar_auto
win.linseningsvr_auto
win.saigon_auto
win.treasurehunter_auto
win.deadwood_auto
win.dnschanger_auto
win.mpkbot_auto
win.nightsky_auto
win.sphijacker_auto
win.slothfulmedia_auto
win.covid22_auto
win.redleaves_auto
win.rustock_auto
win.scieron_auto
win.blackbasta_auto
win.cryptoluck_auto
win.blackremote_auto
win.grabbot_auto
win.enfal_auto
win.rincux_auto
win.7ev3n_auto
win.helminth_auto
win.zupdax_auto
win.nautilus_auto
win.vawtrak_auto
win.mikoponi_auto
win.tor_loader_auto
win.keyboy_auto
win.collection_rat_auto
win.shadowhammer_auto
win.cloudburst_auto
win.whitebird_auto
win.dtrack_auto
win.typehash_auto
win.harnig_auto
win.grease_auto
win.glitch_pos_auto
win.jupiter_auto
win.feed_load_auto
win.blackmagic_auto
win.tellyouthepass_auto
win.chewbacca_auto
win.smrss32_auto
win.noxplayer_auto
win.void_auto
osx.applejeus_auto
win.ryuk_stealer_auto
win.diceloader_auto
win.htprat_auto
win.electricfish_auto
win.sysjoker_auto
win.whispergate_auto
win.bitter_rat_auto
win.nimbo_c2_auto
win.ryuk_auto
win.fatduke_auto
win.ddkong_auto
win.gold_dragon_auto
win.tinyloader_auto
win.campoloader_auto
win.icexloader_auto
win.laziok_auto
win.pebbledash_auto
win.cryptic_convo_auto
win.slave_auto
win.sodamaster_auto
win.killav_auto
win.jasus_auto
elf.babuk_auto
win.makop_auto
win.acehash_auto
win.tidepool_auto
win.liteduke_auto
win.cadelspy_auto
win.retefe_auto
win.hawkball_auto
win.mydogs_auto
win.vsingle_auto
win.polpo_auto
win.gootkit_auto
win.silence_auto
win.webc2_ugx_auto
win.cryptoshuffler_auto
win.graphsteel_auto
win.chinotto_auto
win.new_ct_auto
win.goldenspy_auto
win.metadatabin_auto
win.beatdrop_auto
win.rhino_auto
win.data_exfiltrator_auto
win.unidentified_107_auto
win.matanbuchus_auto
win.megumin_auto
win.mailto_auto
win.rtm_locker_auto
win.matrix_ransom_auto
win.r77_auto
win.rakhni_auto
win.epsilon_red_auto
win.unidentified_023_auto
win.mrdec_auto
win.lobshot_auto
win.ldr4_auto
win.alma_communicator_auto
win.nokki_auto
win.goodor_auto
win.terminator_rat_auto
win.concealment_troy_auto
win.homefry_auto
win.nymaim2_auto
win.azorult_auto
win.cannon_auto
win.woody_auto
win.whiskerspy_auto
win.disttrack_auto
win.unidentified_075_auto
win.cardinal_rat_auto
win.ddkeylogger_auto
win.longwatch_auto
win.abantes_auto
win.stinger_auto
win.credraptor_auto
win.netkey_auto
win.vyveva_auto
win.remy_auto
win.ceeloader_auto
win.webc2_table_auto
win.icedid_downloader_auto
win.devopt_auto
win.virut_auto
win.xpertrat_auto
win.krdownloader_auto
win.aresloader_auto
win.ligsterac_auto
win.sagerunex_auto
win.pandora_auto
win.mutabaha_auto
win.cryakl_auto
win.cabart_auto
win.red_gambler_auto
win.karma_auto
win.vhd_ransomware_auto
win.dadstache_auto
win.phoreal_auto
osx.coldroot_rat_auto
win.pss_auto
win.targetcompany_auto
win.netwire_auto
win.mbrlock_auto
win.lightbunny_auto
win.bluehaze_auto
win.unidentified_094_auto
win.biodata_auto
osx.proton_rat_auto
win.apocalypse_ransom_auto
win.sanny_auto
win.manjusaka_auto
win.reactorbot_auto
win.xiaoba_auto
win.lockbit_auto
win.nighthawk_auto
win.icefog_auto
win.miniblindingcan_auto
win.fobber_auto
win.roseam_auto
win.mosquito_auto
win.blackenergy_auto
win.newsreels_auto
win.comlook_auto
win.lazardoor_auto
win.darkme_auto
win.gsecdump_auto
win.ginwui_auto
win.dharma_auto
win.unidentified_058_auto
win.kgh_spy_auto
win.micrass_auto
win.huskloader_auto
win.synccrypt_auto
win.gspy_auto
win.w32times_auto
win.hi_zor_rat_auto
win.zumanek_auto
win.sysscan_auto
win.lyposit_auto
win.poldat_auto
win.unidentified_098_auto
win.dispenserxfs_auto
win.sisfader_auto
win.kasperagent_auto
win.orchard_auto
win.rektloader_auto
win.darkloader_auto
win.holerun_auto
win.winmm_auto
win.morto_auto
win.maktub_auto
win.poweliks_auto
win.squirrelwaffle_auto
win.maze_auto
win.ragnarok_auto
win.rms_auto
win.photofork_auto
win.gazer_auto
win.sedreco_auto
win.ketrican_auto
win.redyms_auto
win.prestige_auto
win.bernhardpos_auto
win.acbackdoor_auto
win.fishmaster_auto
win.donot_auto
win.bumblebee_auto
win.unidentified_106_auto
win.defray_auto
win.vmzeus_auto
win.felismus_auto
win.lunchmoney_auto
win.keylogger_apt3_auto
win.boatlaunch_auto
win.rgdoor_auto
win.pitou_auto
win.gup_proxy_auto
win.catchamas_auto
win.vobfus_auto
win.crutch_auto
win.mistcloak_auto
win.ghostnet_auto
win.tildeb_auto
win.doubleback_auto
win.smokeloader_auto
win.flashflood_auto
win.medusalocker_auto
win.happy_locker_auto
win.danabot_auto
win.common_magic_auto
win.karkoff_auto
win.dexphot_auto
win.gcleaner_auto
win.ozone_auto
win.sys10_auto
win.blacksuit_auto
win.xfilesstealer_auto
win.freenki_auto
win.pslogger_auto
win.aveo_auto
win.sharpknot_auto
win.unidentified_080_auto
win.socksbot_auto
win.grimplant_auto
win.derohe_auto
win.lockergoga_auto
win.smominru_auto
win.lodeinfo_auto
win.zhcat_auto
win.carrotbat_auto
win.webc2_div_auto
win.tinytyphon_auto
win.darkside_auto
win.redshawl_auto
win.swen_auto
win.touchmove_auto
win.rdat_auto
win.coredn_auto
win.8t_dropper_auto
win.lambload_auto
win.artra_auto
win.bezigate_auto
win.batchwiper_auto
win.recordbreaker_auto
win.yoddos_auto
win.hawkeye_keylogger_auto
win.ispy_keylogger_auto
win.lockfile_auto
win.bid_ransomware_auto
win.ramnit_auto
win.fancyfilter_auto
win.shapeshift_auto
win.heriplor_auto
win.boaxxe_auto
win.unidentified_111_auto
win.morphine_auto
win.gozi_auto
win.ismdoor_auto
win.crylocker_auto
win.banatrix_auto
win.amtsol_auto
win.httpsuploader_auto
win.halfrig_auto
win.pocodown_auto
win.petrwrap_auto
win.wonknu_auto
win.cuba_auto
win.parasite_http_auto
win.cutlet_auto
win.comebacker_auto
win.penco_auto
win.danbot_auto
win.ranbyus_auto
win.sage_ransom_auto
win.explosive_rat_auto
win.kardonloader_auto
win.mariposa_auto
win.cradlecore_auto
win.fakerean_auto
win.atomsilo_auto
win.flagpro_auto
win.jolob_auto
win.astralocker_auto
win.tofsee_auto
win.cheesetray_auto
win.mrac_auto
win.abbath_banker_auto
win.allaple_auto
win.iispy_auto
win.sidewinder_auto
win.suncrypt_auto
win.badencript_auto
win.gaudox_auto
win.paladin_auto
win.rctrl_auto
win.sliver_auto
win.virtualgate_auto
win.jcry_auto
win.doublefantasy_auto
win.nitlove_auto
win.redpepper_auto
win.onhat_auto
win.lilith_auto
win.bankshot_auto
win.matryoshka_rat_auto
win.blackruby_auto
win.zerot_auto
win.bistromath_auto
win.pirpi_auto
win.badnews_auto
win.confucius_auto
win.bozok_auto
win.rarstar_auto
win.arik_keylogger_auto
win.h1n1_auto
win.alreay_auto
win.mispadu_auto
win.uroburos_auto
win.hdmr_auto
win.rtm_auto
win.scarab_ransom_auto
win.eagerbee_auto
win.romcom_rat_auto
win.pipcreat_auto
win.royal_ransom_auto
win.fusiondrive_auto
win.caddywiper_auto
win.erebus_auto
win.finteam_auto
win.unidentified_088_auto
win.dnspionage_auto
win.fuwuqidrama_auto
win.stuxnet_auto
win.nachocheese_auto
win.unidentified_092_auto
win.httpdropper_auto
win.isspace_auto
win.upas_auto
win.arefty_auto
win.webc2_head_auto
win.netsupportmanager_rat_auto
win.tapaoux_auto
win.goopic_auto
win.necurs_auto
win.citadel_auto
win.ascentloader_auto
win.uiwix_auto
win.octopus_auto
win.newposthings_auto
win.kikothac_auto
win.kutaki_auto
win.woodyrat_auto
win.unidentified_100_auto
win.cryptbot_auto
win.ironhalo_auto
win.webc2_yahoo_auto
win.prilex_auto
win.coreshell_auto
win.kins_auto
win.logpos_auto
win.carbanak_auto
win.ramdo_auto
win.unidentified_037_auto
win.lookback_auto
win.parallax_auto
win.vanillarat_auto
win.ncctrojan_auto
win.rhysida_auto
win.taurus_stealer_auto
win.atlas_agent_auto
win.mirage_auto
win.wscspl_auto
win.kagent_auto
win.get2_auto
win.arkei_stealer_auto
win.soundbite_auto
win.neutrino_pos_auto
win.babylon_rat_auto
win.urlzone_auto
win.decebal_auto
win.mosaic_regressor_auto
win.cruloader_auto
win.sappycache_auto
win.microbackdoor_auto
win.nitol_auto
win.wastedloader_auto
win.op_blockbuster_auto
win.unidentified_076_auto
win.buhtrap_auto
win.webc2_adspace_auto
win.darkmoon_auto
win.enigma_loader_auto
win.varenyky_auto
win.navrat_auto
win.r980_auto
win.seasalt_auto
win.dyre_auto
win.mim221_auto
win.yakuza_ransomware_auto
win.xfscashncr_auto
win.ployx_auto
win.mofksys_auto
win.nefilim_auto
win.pickpocket_auto
win.fct_auto
win.scarabey_auto
win.firechili_auto
win.webmonitor_auto
win.stealer_0x3401_auto
win.alureon_auto
win.cova_auto
win.torisma_auto
win.kpot_stealer_auto
win.pinchduke_auto
osx.yort_auto
win.himera_loader_auto
win.clop_auto
win.snojan_auto
win.nozelesn_decryptor_auto
win.synflooder_auto
win.yty_auto
win.suppobox_auto
win.rcs_auto
win.lambert_auto
win.venus_locker_auto
win.agfspy_auto
win.dadjoke_auto
win.dratzarus_auto
win.blackmatter_auto
win.client_maximus_auto
win.racket_auto
win.unidentified_020_cia_vault7_auto
win.cerbu_miner_auto
win.mount_locker_auto
win.gameover_dga_auto
win.naikon_auto
win.purelocker_auto
win.vflooder_auto
win.hakbit_auto
win.plead_auto
win.cloud_duke_auto
win.betabot_auto
win.tinymet_auto
win.brbbot_auto
win.bandit_auto
win.sasfis_auto
win.qakbot_auto
win.pillowmint_auto
win.poison_ivy_auto
win.shurl0ckr_auto
win.photolite_auto
win.faketc_auto
win.ccleaner_backdoor_auto
win.daxin_auto
win.cameleon_auto
win.cookiebag_auto
win.hopscotch_auto
win.xpctra_auto
osx.pintsized_auto
win.ghost_secret_auto
win.smanager_auto
win.yanluowang_auto
win.asyncrat_auto
win.fatal_rat_auto
win.zitmo_auto
win.darkdew_auto
win.babyshark_auto
win.nimplant_auto
win.ratankbapos_auto
win.bughatch_auto
win.former_first_rat_auto
win.darkrat_auto
win.shareip_auto
win.unidentified_013_korean_malware_auto
win.rekoobew_auto
win.quantloader_auto
win.stop_auto
win.ironcat_auto
win.xpan_auto
win.uacme_auto
win.buer_auto
win.lolsnif_auto
win.excalibur_auto
win.wpbrutebot_auto
win.mimikatz_auto
win.grandoreiro_auto
win.darksky_auto
win.bart_auto
win.revenant_auto
win.cur1_downloader_auto
win.dustman_auto
win.hancitor_auto
win.coronavirus_ransomware_auto
win.avrecon_auto
win.dmsniff_auto
win.globe_ransom_auto
win.deria_lock_auto
win.avcrypt_auto
win.grateful_pos_auto
win.classfon_auto
win.telandext_auto
win.atmspitter_auto
win.gcman_auto
win.bubblewrap_auto
win.xagent_auto
win.vigilant_cleaner_auto
win.casper_auto
win.nettraveler_auto
win.lumma_auto
win.pwndlocker_auto
win.ufrstealer_auto
win.headertip_auto
win.hermeticwizard_auto
win.mykings_spreader_auto
win.nosu_auto
win.akira_auto
win.govrat_auto
win.banjori_auto
win.avast_disabler_auto
win.alice_atm_auto
win.sierras_auto
elf.satori_auto
win.jripbot_auto
win.maui_auto
win.webc2_ausov_auto
win.sendsafe_auto
win.kerrdown_auto
win.bee_auto
win.hookinjex_auto
win.ghost_rat_auto
win.spyder_auto
win.breach_rat_auto
win.ismagent_auto
win.stalin_locker_auto
win.agendacrypt_auto
win.advisorsbot_auto
win.dnespy_auto
win.knot_auto
win.narilam_auto
win.robinhood_auto
win.bluenoroff_auto
win.cargobay_auto
win.friedex_auto
win.turla_silentmoon_auto
win.mortalkombat_auto
win.lethic_auto
win.amadey_auto
win.sobig_auto
win.helauto_auto
win.glasses_auto
win.sombrat_auto
win.flowershop_auto
win.scarecrow_auto
win.quickheal_auto
win.darkpulsar_auto
win.evilpony_auto
win.duuzer_auto
win.blacksoul_auto
win.olympic_destroyer_auto
win.cybergate_auto
win.thanatos_auto
win.bolek_auto
win.coldseal_auto
win.unidentified_074_auto
win.gandcrab_auto
win.sepsys_auto
win.kdcsponge_auto
win.electric_powder_auto
win.fakeword_auto
win.miragefox_auto
osx.dacls_auto
win.stration_auto
win.aukill_auto
win.wininetloader_auto
win.luminosity_rat_auto
win.lemonduck_auto
win.prikormka_auto
win.wastedlocker_auto
win.rerdom_auto
win.gauss_auto
win.lpeclient_auto
win.turian_auto
win.breakthrough_loader_auto
win.zeppelin_auto
win.tiger_rat_auto
win.nightclub_auto
win.karius_auto
win.sslmm_auto
win.industroyer_auto
win.anchor_auto
win.infy_auto
win.sienna_purple_auto
win.abaddon_pos_auto
win.orpcbackdoor_auto
win.m0yv_auto
win.pushdo_auto
win.chiser_client_auto
win.purplefox_auto
win.tandfuy_auto
win.tonedeaf_auto
win.imprudentcook_auto
win.blackrevolution_auto
win.ordinypt_auto
win.revil_auto
win.startpage_auto
win.mars_stealer_auto
osx.kitmos_auto
win.webbytea_auto
win.idkey_auto
win.yayih_auto
win.orangeade_auto
win.mekotio_auto
win.open_carrot_auto
win.auriga_auto
win.bka_trojaner_auto
win.cerber_auto
win.tinyfluff_auto
win.deathransom_auto
win.seduploader_auto
win.dbatloader_auto
win.getmail_auto
win.peppy_rat_auto
win.crypto_fortress_auto
win.sparrow_door_auto
win.coviper_auto
win.spora_ransom_auto
win.rc2fm_auto
win.stabuniq_auto
win.9002_auto
win.wslink_auto
win.invisimole_auto
win.stealc_auto
win.jaff_auto
win.evilgrab_auto
win.makadocs_auto
win.snowflake_stealer_auto
win.houdini_auto
osx.oceanlotus_auto
win.dramnudge_auto
win.crosswalk_auto
win.session_manager_auto
win.luzo_auto
win.collectorgoomba_auto
win.waterminer_auto
win.innaput_rat_auto
win.torrentlocker_auto
win.darkshell_auto
win.sunorcal_auto
win.nokoyawa_auto
win.phorpiex_auto
win.graphican_auto
win.blackcoffee_auto
win.temp_stealer_auto
win.camubot_auto
win.crytox_auto
win.dexter_auto
win.microcin_auto
win.roll_sling_auto
win.chthonic_auto
win.hesperbot_auto
win.nemty_auto
win.alphanc_auto
win.asruex_auto
win.sedll_auto
win.socelars_auto
win.virdetdoor_auto
win.jssloader_auto
win.teleport_auto
win.joanap_auto
win.acidbox_auto
win.lowzero_auto
win.odinaff_auto
win.privateloader_auto
win.gratem_auto
win.biscuit_auto
win.adkoob_auto
win.dripion_auto
win.rofin_auto
win.regretlocker_auto
win.cryptoshield_auto
win.dreambot_auto
win.httpbrowser_auto
osx.systemd_auto
win.unidentified_095_auto
win.remcom_auto
osx.komplex_auto
win.rokku_auto
win.nagini_auto
win.buterat_auto
win.valley_rat_auto
win.montysthree_auto
win.azov_wiper_auto
win.ardamax_auto
win.doublefinger_auto
win.fireball_auto
win.maudi_auto
win.poscardstealer_auto
win.snatch_auto
win.pcshare_auto
win.monero_miner_auto
win.velso_auto
win.blindingcan_auto
win.ahtapot_auto
win.kovter_auto
win.unidentified_104_auto
win.flame_auto
win.moonbounce_auto
win.opachki_auto
win.portdoor_auto
win.hacksfase_auto
win.unidentified_103_auto
win.voidoor_auto
win.unidentified_091_auto
win.zeoticus_auto
win.backconfig_auto
win.iconic_stealer_auto
win.threebyte_auto
elf.blackcat_auto
win.catb_auto
win.cotx_auto
win.molerat_loader_auto
win.tflower_auto
win.mail_o_auto
win.sword_auto
win.brutpos_auto
win.rovnix_auto
win.http_troy_auto
win.bandook_auto
win.purplewave_auto
win.onionduke_auto
win.agent_btz_auto
win.socks5_systemz_auto
win.younglotus_auto
win.grok_auto
win.bravonc_auto
win.virlock_auto
win.blacknix_rat_auto
win.havex_rat_auto
win.flusihoc_auto
win.carrotball_auto
win.findpos_auto
win.applejeus_auto
win.oldbait_auto
win.servhelper_auto
win.regin_auto
win.entryshell_auto
win.isr_stealer_auto
win.unidentified_001_auto
win.glupteba_auto
win.cmsbrute_auto
win.neddnloader_auto
win.nymaim_auto
win.underminer_ek_auto
win.locky_decryptor_auto
win.reaver_auto
win.rhttpctrl_auto
win.predator_auto
win.meduza_auto
win.orcus_rat_auto
win.bachosens_auto
win.magniber_auto
win.ragnarlocker_auto
win.cryptomix_auto
win.juicy_potato_auto
win.lazarloader_auto
win.simda_auto
win.andromut_auto
win.badflick_auto
win.gacrux_auto
elf.hideandseek_auto
win.hoplight_auto
win.xbtl_auto
win.contopee_auto
win.woolger_auto
win.elirks_auto
win.kelihos_auto
win.diavol_auto
win.tclient_auto
win.unidentified_108_auto
win.funny_dream_auto
win.megacortex_auto
win.xorist_auto
win.teslacrypt_auto
win.powerpool_auto
win.dimnie_auto
win.jackpos_auto
win.mespinoza_auto
win.eternal_petya_auto
win.zeus_openssl_auto
win.misha_auto
win.turnedup_auto
win.fengine_auto
win.maggie_auto
win.kleptoparasite_stealer_auto
win.zloader_auto
win.xfsadm_auto
win.phoenix_locker_auto
win.tiny_turla_auto
win.glassrat_auto
win.albaniiutas_auto
win.remexi_auto
win.laturo_auto
win.medusa_auto
win.udpos_auto
win.webc2_qbp_auto
win.svcready_auto
win.rarog_auto
win.skip20_auto
win.vidar_auto
win.bs2005_auto
win.cycbot_auto
win.pseudo_manuscrypt_auto
win.industroyer2_auto
win.getmypass_auto
win.siluhdur_auto
win.sfile_auto
win.thanatos_ransom_auto
win.magic_rat_auto
win.avaddon_auto
win.jaku_auto
win.tsifiri_auto
win.poslurp_auto
win.mm_core_auto
win.ice_ix_auto
win.c0d0so0_auto
win.slingshot_auto
win.graphical_neutrino_auto
win.luca_stealer_auto
win.hzrat_auto
win.webc2_cson_auto
win.manamecrypt_auto
win.lightlesscan_auto
win.floki_bot_auto
win.mewsei_auto
win.dyepack_auto
win.photoloader_auto
win.darkcomet_auto
win.etumbot_auto
win.teledoor_auto
win.magala_auto
win.sidewalk_auto
win.avzhan_auto
win.bundestrojaner_auto
win.quickmute_auto
win.lightneuron_auto
win.unidentified_041_auto
win.rising_sun_auto
win.fickerstealer_auto
win.spyeye_auto
win.mechanical_auto
win.grandsteal_auto
win.unidentified_071_auto
win.rifdoor_auto
win.pandabanker_auto
win.xbot_pos_auto
win.ksl0t_auto
win.bunitu_auto
win.fonix_auto
win.shakti_auto
win.8base_auto
win.jlorat_auto
win.absentloader_auto
win.boldmove_auto
win.ariabody_auto
win.stealbit_auto
win.zedhou_auto
win.rambo_auto
win.sakula_rat_auto
win.smarteyes_auto
win.killdisk_auto
win.diztakun_auto
win.dairy_auto
win.deputydog_auto
win.unidentified_044_auto
win.sinowal_auto
win.fanny_auto
win.hui_loader_auto
win.redsalt_auto
win.latentbot_auto
win.emdivi_auto
win.upatre_auto
win.sidetwist_auto
win.kingminer_auto
win.urausy_auto
win.broler_auto
win.5t_downloader_auto
win.darktrack_rat_auto
win.combojack_auto
win.vohuk_auto
win.unidentified_031_auto
win.smac_auto
win.risepro_auto
win.bluelight_auto
win.lorenz_auto
win.kuluoz_auto
win.dispcashbr_auto
win.qtbot_auto
win.hotwax_auto
win.powersniff_auto
win.poortry_auto
win.metastealer_auto
win.shimrat_auto
win.disk_knight_auto
win.wndtest_auto
win.cinobi_auto
win.meow_auto
win.blackshades_auto
win.anatova_ransom_auto
win.newpass_auto
win.gopuram_auto
win.numando_auto
win.zeus_auto
win.forest_tiger_auto
win.webc2_rave_auto
win.gamotrol_auto
win.klrd_auto
win.orcarat_auto
win.safenet_auto
win.comodosec_auto
win.mulcom_auto
win.blacklotus_auto
win.thumbthief_auto
win.dridex_auto
win.asprox_auto
win.feodo_auto
win.volgmer_auto
win.plaintee_auto
win.unidentified_006_auto
win.ironwind_auto
win.iisniff_auto
win.grey_energy_auto
win.hellokitty_auto
win.curator_auto
win.furtim_auto
win.sathurbot_auto
win.crimson_auto
win.webc2_greencat_auto
win.milkmaid_auto
win.transbox_auto
win.darkvnc_auto
win.rorschach_auto
win.aurora_auto
win.cobalt_strike_auto
win.antilam_auto
win.termite_auto
win.bedep_auto
win.elmer_auto
win.spaceship_auto
win.polyglot_ransom_auto
win.leash_auto
win.ghole_auto
win.vermilion_strike_auto
win.cryptolocker_auto
win.icondown_auto
win.lamdelin_auto
osx.keranger_auto
win.carberp_auto
win.extreme_rat_auto
win.skyplex_auto
win.ramsay_auto
win.neteagle_auto
win.pvzout_auto
osx.evilquest_auto
win.tinynuke_auto
win.borr_auto
win.marap_auto
win.pylocky_auto
win.logtu_auto
win.stresspaint_auto
win.mokes_auto
osx.macdownloader_auto
win.punkey_pos_auto
win.crypt0l0cker_auto
win.adhubllka_auto
win.atmitch_auto
win.gophe_auto
win.acridrain_auto
win.shifu_auto
win.zeroaccess_auto
win.unidentified_030_auto
win.mydoom_auto
win.redcurl_auto
win.emotet_auto
win.spectre_auto
win.sepulcher_auto
win.dropshot_auto
win.alpc_lpe_auto
win.mindware_auto
win.sneepy_auto
win.scout_auto
win.kegotip_auto
win.blackcat_auto
win.daserf_auto
win.xdspy_auto
win.mangzamel_auto
win.oceansalt_auto
win.cloudeye_auto
win.winsloader_auto
win.komprogo_auto
win.tinba_auto
win.mimic_auto
win.powershellrunner_auto
win.attor_auto
win.downdelph_auto
win.cobra_auto
win.quarterrig_auto
win.nestegg_auto
win.billgates_auto
win.formbook_auto
win.tmanger_auto
win.jessiecontea_auto
win.poison_rat_auto
win.yahoyah_auto
win.fast_pos_auto
win.afrodita_auto
win.selfmake_auto
win.netc_auto
win.dexbia_auto
win.observer_stealer_auto
win.unidentified_077_auto
win.crypmic_auto
win.rm3_auto
win.qadars_auto
win.cloudwizard_auto
win.greetingghoul_auto
win.royal_dns_auto
win.ratel_auto
win.pay2key_auto
win.hermes_auto
win.lokipws_auto
win.darktequila_auto
win.final1stspy_auto
win.lightwork_auto
win.newcore_rat_auto
win.spybot_auto
win.nocturnalstealer_auto
win.nimrev_auto
win.grimagent_auto
win.wipbot_auto
win.prometei_auto
win.stegoloader_auto
win.oski_auto
win.trickbot_auto
win.colibri_auto
win.systembc_auto
win.strongpity_auto
win.babar_auto
win.bleachgap_auto
win.ruckguv_auto
win.globeimposter_auto
win.batel_auto
win.unidentified_045_auto
win.meterpreter_auto
win.soraya_auto
win.wormhole_auto
win.dorkbot_ngrbot_auto
win.simplefilemover_auto
win.bookcodesrat_auto
win.dma_locker_auto
win.isfb_auto
win.kurton_auto
win.sykipot_auto
win.runningrat_auto
win.veiledsignal_auto
win.appleseed_auto
win.waterspout_auto
win.oddjob_auto
win.highnote_auto
win.syscon_auto
win.onliner_auto
win.stowaway_auto
win.mystic_stealer_auto
win.atmii_auto
win.ketrum_auto
win.badhatch_auto
win.sality_auto
win.goldbackdoor_auto
win.koadic_auto
win.mqsttang_auto
win.siggen6_auto
win.ave_maria_auto
win.alina_pos_auto
win.satan_auto
win.unidentified_078_auto
win.shipshape_auto
win.yorekey_auto
win.dumador_auto
win.deltas_auto
win.locky_auto
win.polyglotduke_auto
win.maoloa_auto
win.raccoon_auto
win.bruh_wiper_auto
win.remcos_auto
win.gearshift_auto
win.alma_locker_auto
win.lock_pos_auto
win.manitsme_auto
win.coinminer_auto
win.spider_rat_auto
osx.uroburos_auto
win.adylkuzz_auto
win.kimjongrat_auto
win.plugx_auto
elf.gobrat_auto
win.erbium_stealer_auto
win.nimgrabber_auto
win.chir_auto
win.puzzlemaker_auto
win.matrix_banker_auto
win.snatch_loader_auto
win.bit_rat_auto
win.buzus_auto
win.kazuar_auto
win.nim_blackout_auto
win.obscene_auto
win.snatchcrypto_auto
win.compfun_auto
win.ghostemperor_auto
win.sdbbot_auto
win.baldr_auto
win.corebot_auto
win.starcruft_auto
win.icedid_auto
win.lowball_auto
win.backspace_auto
win.roopy_auto
win.pgift_auto
win.hxdef_auto
win.hermeticwiper_auto
win.himan_auto
win.zlob_auto
win.shujin_auto
win.gravity_rat_auto
win.doppeldridex_auto
Sliver__Implant_64bit
Sliver__Implant_32bit
CobaltStrike__Resources_Bypassuac_Dll_v1_49_to_v3_14_and_Sleeve_Bypassuac_Dll_v4_0_to_v4_x
CobaltStrike__Resources_Httpstager_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Template_x86_Vba_v3_8_to_v4_x
CobaltStrike__Resources_Bind_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Beacon_Dll_All_Versions_MemEnabled
CobaltStrike__Resources_Xor_Bin__64bit_v3_12_to_4_x
CobaltStrike__Resources_Template_Py_v3_3_to_v4_x
CobaltStrike__Resources_Reverse_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Template_x64_Ps1_v3_0_to_v4_x_excluding_3_12_3_13
CobaltStrike__Resources_Artifact32_and_Resources_Dropper_v1_45_to_v4_x
CobaltStrike__Resources_Httpsstager_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Artifact32svc_Exe_v1_49_to_v4_x
CobaltStrike__Resources_Command_Ps1_v2_5_to_v3_7_and_Resources_Compress_Ps1_v3_8_to_v4_x
CobaltStrike__Resources_Httpstager64_Bin_v3_2_through_v4_x
CobaltStrike__Resources_Bypassuac_x64_Dll_v3_3_to_v3_14_and_Sleeve_Bypassuac_x64_Dll_v4_0_and_v4_x
CobaltStrike__Resources_Reverse64_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Bypassuactoken_Dll_v3_11_to_v3_14
CobaltStrike__Resources_Template_Sct_v3_3_to_v4_x
CobaltStrike__Resources_Bypassuactoken_x64_Dll_v3_11_to_v3_14
CobaltStrike__Resources_Artifact64_v1_49_to_v4_x
CobaltStrike__Resources_Smbstager_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Browserpivot_x64_Bin_v1_48_to_v3_14_and_Sleeve_Browserpivot_x64_Dll_v4_0_to_v4_x
CobaltStrike__Resources_Xor_Bin__32bit_v2_x_to_4_x
CobaltStrike__Resources_Httpsstager64_Bin_v3_2_through_v4_x
CobaltStrike__Resources_Template_Vbs_v3_3_to_v4_x
CobaltStrike__Resources_Dnsstager_Bin_v1_47_through_v4_x
CobaltStrike__Resources_Elevate_Dll_v3_0_to_v3_14_and_Sleeve_Elevate_Dll_v4_x
CobaltStrike__Resources_Bind64_Bin_v2_5_through_v4_x
CobaltStrike__Resources_Elevate_X64_Dll_v3_0_to_v3_14_and_Sleeve_Elevate_X64_Dll_v4_x
CobaltStrike__Resources_Browserpivot_Bin_v1_48_to_v3_14_and_Sleeve_Browserpivot_Dll_v4_0_to_v4_x
CobaltStrike__Sleeve_BeaconLoader_all
CobaltStrike__Resources_Covertvpn_Dll_v2_1_to_v4_x
CobaltStrike__Resources_Template__x32_x64_Ps1_v1_45_to_v2_5_and_v3_11_to_v3_14
CobaltStrike__Resources_Covertvpn_injector_Exe_v1_44_to_v2_0_49
Linux_Ransomware_Conti
Windows_Exploit_Perfusion
Windows_Trojan_FalseFont
Windows_Hacktool_AskCreds
Linux_Worm_Generic
Windows_Virus_Floxif
Windows_Trojan_Cryptbot
Windows_Trojan_CobaltStrike
Windows_VulnDriver_Vmdrv
Windows_Trojan_IcedID
Windows_Ransomware_BlackHunt
Windows_VulnDriver_Atillk
Windows_VulnDriver_Zam
Linux_Exploit_CVE_2016_4557
Windows_Wiper_DoubleZero
Linux_Ransomware_RedAlert
Windows_VulnDriver_RtCore
Windows_Trojan_CyberGate
Linux_Cryptominer_Minertr
Linux_Exploit_CVE_2012_0056
Windows_Trojan_Quasarrat
Windows_Trojan_Azorult
Windows_Hacktool_CpuLocker
Multi_Trojan_SparkRat
Linux_Trojan_Connectback
Windows_Ransomware_Snake
Linux_Exploit_Sorso
Linux_Ransomware_LimpDemon
Linux_Trojan_Zpevdo
Linux_Trojan_Ganiw
Windows_Trojan_Pingpull
Linux_Rootkit_Arkd
Windows_Ransomware_WannaCry
Linux_Trojan_Asacub
Windows_VulnDriver_ATSZIO
Linux_Trojan_Pnscan
Windows_Vulndriver_FidDrv
Multi_Ransomware_BlackCat
Windows_VulnDriver_PowerTool
MacOS_Creddump_KeychainAccess
Linux_Trojan_Malxmr
Windows_Hacktool_Phant0m
Windows_Trojan_Revengerat
Windows_Trojan_PowerSeal
Windows_Ransomware_Rook
Windows_Hacktool_NetFilter
Linux_Trojan_Hiddad
Linux_Exploit_Dirtycow
Linux_Exploit_CVE_2022_0847
Linux_Exploit_Enoket
Linux_Virus_Rst
Linux_Cryptominer_Ursu
Windows_Ransomware_Ragnarok
Windows_VulnDriver_DirectIo
Linux_Cryptominer_Malxmr
Linux_Backdoor_Generic
Windows_Hacktool_SharpWMI
Linux_Trojan_Godlua
Multi_Trojan_Merlin
Linux_Trojan_Gognt
Windows_Ransomware_Lockfile
Linux_Hacktool_Flooder
MacOS_Virus_Maxofferdeal
Windows_Trojan_A310logger
Linux_Trojan_Rotajakiro
MacOS_Trojan_KandyKorn
Linux_Exploit_CVE_2009_2698
Linux_Trojan_Backegmm
Windows_Trojan_Hawkeye
MacOS_Trojan_Adload
Windows_Trojan_Behinder
Windows_Ransomware_Phobos
Windows_Hacktool_SharpGPOAbuse
MacOS_Trojan_Aobokeylogger
Linux_Trojan_Bish
MacOS_Backdoor_Keyboardrecord
Linux_Ransomware_Akira
Windows_Virus_Expiro
Linux_Hacktool_Infectionmonkey
Linux_Trojan_Springtail
Windows_Trojan_Lokibot
Windows_Infostealer_Strela
Linux_Trojan_Rekoobe
Windows_Trojan_Parallax
Multi_Trojan_Mythic
Linux_Ransomware_Clop
Windows_Hacktool_SharPersist
Linux_Trojan_Xhide
Windows_VulnDriver_WinFlash
Windows_Trojan_Zloader
Windows_VulnDriver_Amifldrv
Windows_Trojan_FlawedGrace
Linux_Exploit_Intfour
Linux_Cryptominer_Bulz
Linux_Rootkit_Adore
Windows_Hacktool_COFFLoader
Linux_Trojan_Mechbot
Windows_VulnDriver_TmComm
Linux_Trojan_Chinaz
Windows_VulnDriver_WinDivert
Windows_Hacktool_GodPotato
Linux_Ransomware_Sodinokibi
Linux_Trojan_DinodasRAT
Windows_Trojan_Buerloader
Windows_Hacktool_SharpShares
Windows_Ransomware_Stop
Windows_Ransomware_Nightsky
Windows_Trojan_Pandastealer
Windows_Trojan_Darkcomet
Linux_Trojan_XZBackdoor
Windows_Ransomware_Sodinokibi
Linux_Trojan_Xpmmap
Linux_Rootkit_Fontonlake
Linux_Trojan_Mirai
Windows_Trojan_Bumblebee
Windows_Trojan_Xworm
Linux_Trojan_Kinsing
Windows_Trojan_WarmCookie
Windows_Exploit_CVE_2022_38028
Linux_Trojan_Sysrv
Linux_Trojan_Kaiji
Linux_Ransomware_Babuk
Windows_Trojan_Bandook
Linux_Exploit_Moogrey
Windows_Trojan_ServHelper
Linux_Trojan_Mettle
Windows_Trojan_Generic
Linux_Exploit_Openssl
Windows_Trojan_ArkeiStealer
Windows_PUP_MediaArena
Linux_Ransomware_EchoRaix
Linux_Trojan_Xorddos
Windows_Hacktool_SharpHound
Windows_Ransomware_Bitpaymer
Windows_Hacktool_BlackBone
Linux_Trojan_Metasploit
Windows_Hacktool_EDRWFP
Linux_Trojan_Mobidash
Windows_Hacktool_SharpChromium
Linux_Cryptominer_Loudminer
Linux_Cryptominer_Ccminer
Windows_Exploit_Eternalblue
Linux_Ransomware_Hellokitty
Linux_Trojan_Marut
Windows_Trojan_Grandoreiro
Linux_Ransomware_Lockbit
Windows_Ransomware_Maui
Linux_Trojan_Ngioweb
Windows_VulnDriver_Iqvw
Multi_Trojan_Coreimpact
Windows_Trojan_Squirrelwaffle
Windows_Wiper_HermeticWiper
Windows_Trojan_P8Loader
Windows_Trojan_Afdk
Linux_Trojan_Shellbot
Windows_Hacktool_SleepObfLoader
Windows_Hacktool_LeiGod
Linux_Trojan_Shark
Windows_Hacktool_ChromeKatz
Linux_Cryptominer_Xmrig
Linux_Ransomware_SFile
Windows_Trojan_Raccoon
Multi_Trojan_Sliver
Windows_Trojan_RaspberryRobin
Linux_Trojan_Morpes
Windows_Exploit_Log4j
Linux_Cryptominer_Uwamson
Windows_Shellcode_Rdi
Windows_Ransomware_Generic
Linux_Exploit_CVE_2018_10561
Linux_Trojan_Truncpx
Windows_Ransomware_Doppelpaymer
Windows_Hacktool_CheatEngine
Windows_Trojan_BlackShades
MacOS_Cryptominer_Generic
Windows_Hacktool_Iox
Windows_VulnDriver_GlckIo
Windows_Ransomware_Egregor
Linux_Trojan_Swrort
Windows_Trojan_RudeBird
Windows_Ransomware_Conti
Windows_VulnDriver_AsIo
Linux_Trojan_Bluez
Linux_Exploit_Pulse
Windows_Ransomware_Helloxd
Linux_Trojan_Backconnect
Windows_VulnDriver_HpPortIo
Linux_Trojan_Bedevil
Linux_Trojan_Sambashell
Windows_Ransomware_Avoslocker
Linux_Trojan_Lala
Windows_VulnDriver_Fidpci
Linux_Exploit_Foda
Windows_Trojan_SiestaGraph
Windows_Trojan_PrivateLoader
Windows_Trojan_HazelCobra
Windows_Exploit_RpcJunction
Windows_Wiper_IsaacWiper
Windows_Trojan_WikiLoader
Windows_Packer_ScrubCrypt
Linux_Trojan_Mech
Windows_Trojan_Netwire
Linux_Exploit_Local
Linux_Ransomware_RoyalPest
Windows_Trojan_Diceloader
Windows_Ransomware_Blackmatter
Linux_Trojan_Lady
Linux_Trojan_Getshell
Windows_Exploit_Generic
Windows_Hacktool_Capcom
Windows_Trojan_Tofsee
Windows_VulnDriver_MarvinHW
Windows_Ransomware_Haron
Windows_Hacktool_SharpAppLocker
Windows_Trojan_Zeus
Windows_Hacktool_Seatbelt
Linux_Trojan_Torii
Linux_Cryptominer_Zexaf
Windows_Exploit_FakePipe
Windows_Trojan_Trickbot
MacOS_Cryptominer_Xmrig
Linux_Trojan_Iroffer
Windows_Trojan_Blister
Windows_VulnDriver_EneIo
Windows_Trojan_Limerat
Linux_Trojan_Ipstorm
Windows_VulnDriver_ToshibaBios
Windows_Trojan_Qbot
Windows_Trojan_Revcoderat
Windows_VulnDriver_Biostar
Linux_Hacktool_Tcpscan
Windows_Shellcode_Generic
Linux_Exploit_CVE_2021_3156
MacOS_Hacktool_Swiftbelt
Windows_Hacktool_SharpDump
Windows_Trojan_Remcos
Windows_Trojan_PikaBot
Windows_Hacktool_SharpRDP
Windows_Exploit_Dcom
Windows_Hacktool_ProcessHacker
Windows_Trojan_Beam
Windows_Trojan_SpectralViper
MacOS_Virus_Vsearch
Linux_Trojan_Ladvix
Windows_Ransomware_Mespinoza
Linux_Trojan_BPFDoor
Linux_Exploit_Race
Linux_Exploit_CVE_2017_16995
Linux_Exploit_CVE_2017_100011
Linux_Exploit_Lotoor
Linux_Trojan_Godropper
Linux_Cryptominer_Pgminer
Linux_Cryptominer_Attribute
Windows_Trojan_Nighthawk
Linux_Trojan_Sshdkit
Windows_Trojan_SysJoker
Windows_Trojan_DoubleBack
Linux_Hacktool_Portscan
Windows_Trojan_PlugX
Linux_Ransomware_Erebus
Windows_AttackSimulation_Hovercraft
Windows_Trojan_DustyWarehouse
MacOS_Trojan_RustBucket
Windows_Ransomware_Pandora
Linux_Cryptominer_Camelot
Linux_Exploit_CVE_2021_3490
Windows_VulnDriver_Segwin
Windows_Trojan_GhostPulse
Windows_Hacktool_SharpMove
Linux_Ransomware_BlackSuit
Linux_Hacktool_Lightning
Windows_Trojan_Lurker
Windows_Trojan_MassLogger
Windows_VulnDriver_VBox
Linux_Trojan_Zerobot
Windows_Trojan_Smokeloader
Windows_Trojan_Hancitor
MacOS_Virus_Pirrit
Windows_Trojan_DarkCloud
Linux_Hacktool_Prochide
Windows_Trojan_DarkVNC
Linux_Ransomware_Monti
Linux_Trojan_Tsunami
Windows_Trojan_Blackwood
Linux_Trojan_Cerbu
Windows_Backdoor_Goldbackdoor
Linux_Ransomware_NoEscape
Linux_Exploit_CVE_2021_4034
Linux_Exploit_Courier
Multi_Hacktool_Rakshasa
Windows_Trojan_ShadowPad
Linux_Virus_Gmon
Linux_Trojan_Sdbot
Linux_Trojan_Roopre
Linux_Exploit_IOUring
MacOS_Trojan_Amcleaner
Linux_Trojan_Skidmap
Linux_Trojan_Sshdoor
MacOS_Exploit_Log4j
Linux_Backdoor_Bash
Windows_Trojan_PizzaPotion
Linux_Trojan_Rooter
Windows_Trojan_Gozi
Windows_Trojan_JesterStealer
Linux_Trojan_Meterpreter
Windows_Ransomware_Hellokitty
Windows_Trojan_Sliver
Windows_Backdoor_TeamViewer
Windows_Trojan_DBatLoader
Windows_Trojan_MicroBackdoor
Windows_VulnDriver_MsIo
Linux_Shellcode_Generic
Linux_Trojan_Azeela
Windows_VulnDriver_LLAccess
Windows_Trojan_Donutloader
Windows_Trojan_SuddenIcon
Windows_Generic_Threat
Windows_VulnDriver_MicroStar
Windows_VulnDriver_Sandra
Windows_VulnDriver_Ryzen
MacOS_Trojan_Thiefquest
Windows_Trojan_PoshC2
MacOS_Backdoor_Kagent
Windows_VulnDriver_XTier
Linux_Cryptominer_Generic
Windows_VulnDriver_MtcBsv
Windows_Hacktool_ClrOxide
Windows_VulnDriver_Cpuz
Windows_Trojan_OnlyLogger
Windows_Trojan_MyloBot
Windows_VulnDriver_BSMI
Linux_Trojan_Nuker
Linux_Cryptominer_Xmrminer
Windows_Trojan_SVCReady
Windows_Trojan_OskiStealer
MacOS_Trojan_Eggshell
Windows_Hacktool_EDRrecon
Linux_Trojan_Ircbot
Linux_Trojan_Snowlight
Linux_Hacktool_Earthworm
Linux_Trojan_Pornoasset
Windows_VulnDriver_GDrv
Windows_VulnDriver_DBUtil
Linux_Exploit_Criscras
Windows_Ransomware_Thanos
Windows_Ransomware_Mountlocker
Windows_Exploit_IoRing
Linux_Ransomware_Hive
Linux_Cryptominer_Presenoker
Windows_Trojan_Pony
Windows_Trojan_Phoreal
Windows_VulnDriver_Speedfan
Linux_Exploit_CVE_2009_1897
Windows_VulnDriver_Gvci
Windows_Trojan_Backoff
Windows_Ransomware_Crytox
MacOS_Trojan_Genieo
Linux_Exploit_CVE_2009_2908
MacOS_Trojan_SugarLoader
Linux_Trojan_Sfloost
Windows_Trojan_Bitrat
Windows_Ransomware_Grief
Linux_Backdoor_Tinyshell
Windows_Trojan_Kronos
Windows_Trojan_SomniRecord
Windows_Trojan_Babylonrat
Macos_Hacktool_JokerSpy
Windows_Trojan_HijackLoader
Windows_Trojan_Njrat
Windows_Trojan_CaesarKbd
Multi_EICAR
Linux_Backdoor_Fontonlake
Linux_Trojan_Banload
Linux_Exploit_Log4j
Windows_Trojan_Fabookie
Windows_Trojan_Rhadamanthys
Windows_VulnDriver_Asrock
Linux_Virus_Thebe
Windows_Hacktool_Dcsyncer
Windows_Trojan_SolarMarker
Windows_Trojan_Vidar
Windows_Ransomware_Maze
Windows_Trojan_SnakeKeylogger
Windows_Wiper_CaddyWiper
Linux_Cryptominer_Miancha
Windows_VulnDriver_ArPot
Linux_Packer_Patched_UPX
Windows_Ransomware_Ryuk
Windows_Trojan_Deimos
Linux_Trojan_Rozena
Windows_Trojan_Merlin
Linux_Hacktool_Cleanlog
Linux_Trojan_Gafgyt
MacOS_Trojan_Metasploit
Windows_Ransomware_Makop
Windows_Trojan_STRRAT
Linux_Exploit_Perl
MacOS_Backdoor_Applejeus
Linux_Trojan_Rbot
Windows_Ransomware_Magniber
Linux_Trojan_Snessik
Windows_Trojan_Metasploit
Windows_Hacktool_SharpView
Windows_VulnDriver_Elby
Linux_Ransomware_ItsSoEasy
Linux_Cryptominer_Ksmdbot
Windows_Hacktool_Certify
Windows_Vulndriver_Fileseclab
Linux_Trojan_Patpooty
Linux_Ransomware_BlackBasta
Linux_Exploit_CVE_2019_13272
Linux_Ransomware_Gonnacry
MacOS_Trojan_Generic
Linux_Exploit_Abrox
Windows_Hacktool_SafetyKatz
Linux_Hacktool_Wipelog
Windows_Trojan_RedLineStealer
Windows_Ransomware_Akira
Windows_Hacktool_DinvokeRust
Windows_Ransomware_WhisperGate
Windows_Hacktool_SharpStay
Linux_Trojan_Sqlexp
Windows_Hacktool_ExecuteAssembly
Linux_Trojan_Sckit
Windows_VulnDriver_Viragt
Windows_Hacktool_Mimikatz
Windows_Trojan_Matanbuchus
Linux_Rootkit_Dakkatoni
Windows_Trojan_SourShark
Windows_Trojan_Garble
Linux_Exploit_Vmsplice
Windows_Cryptominer_Generic
Windows_Trojan_PipeDance
Windows_Trojan_BloodAlchemy
Linux_Ransomware_Quantum
Windows_Trojan_DragonBreath
Multi_Ransomware_Luna
Windows_Trojan_Havoc
Linux_Trojan_Adlibrary
Windows_Trojan_Asyncrat
Linux_Ransomware_Esxiargs
Linux_Proxy_Frp
Windows_Trojan_NapListener
MacOS_Trojan_Getshell
Windows_Trojan_StormKitty
Windows_Ransomware_Cuba
Windows_VulnDriver_RWEverything
Linux_Trojan_Dofloo
Linux_Cryptominer_Roboto
Windows_Hacktool_SharpSCCM
Windows_Trojan_Clipbanker
Windows_Trojan_ModPipe
Windows_Ransomware_Clop
Windows_RemoteAdmin_UltraVNC
Windows_VulnDriver_ElRawDisk
Windows_VulnDriver_Agent64
Windows_Rootkit_R77
Multi_Generic_Threat
Windows_Hacktool_Gmer
Windows_Ransomware_Royal
MacOS_Trojan_Electrorat
Linux_Trojan_Mumblehard
Windows_Trojan_AveMaria
Windows_Ransomware_Darkside
Windows_Trojan_EagerBee
Linux_Trojan_Orbit
Windows_Trojan_Stealc
Windows_Hacktool_Rubeus
Multi_AttackSimulation_Blindspot
Windows_VulnDriver_WinIo
Windows_Backdoor_DragonCastling
Linux_Hacktool_Exploitscan
Linux_Generic_Threat
Linux_Downloader_Generic
Linux_Cryptominer_Bscope
Linux_Cryptominer_Casdet
Windows_Trojan_Latrodectus
Windows_Ransomware_Ransomexx
MacOS_Trojan_Bundlore
MacOS_Backdoor_Fakeflashlxk
Windows_Trojan_Fickerstealer
Windows_Trojan_Nanocore
Windows_Ransomware_BlackBasta
Windows_Trojan_WineLoader
Windows_Trojan_Amadey
Linux_Virus_Staffcounter
MacOS_Trojan_Fplayer
Windows_Trojan_GhostEngine
Windows_Trojan_BruteRatel
Windows_Trojan_Jupyter
Windows_VulnDriver_PowerProfiler
Windows_VulnDriver_ProcExp
Linux_Ransomware_RagnarLocker
Windows_Trojan_Lobshot
Windows_VulnDriver_EchoDrv
Windows_Trojan_DiamondFox
MacOS_Backdoor_Useragent
Windows_Trojan_AgentTesla
Windows_Trojan_Carberp
Linux_Exploit_Ramen
Windows_VulnDriver_ProcId
Windows_Infostealer_PhemedroneStealer
Linux_Trojan_Masan
Windows_Hacktool_DarkLoadLibrary
Windows_Trojan_MetaStealer
Windows_Trojan_Xpertrat
Windows_Trojan_WhisperGate
Windows_Trojan_Farfli
Linux_Exploit_CVE_2010_3301
Linux_Exploit_Cornelgen
Windows_Trojan_ProtectS
Windows_Trojan_DCRat
Windows_Trojan_Glupteba
Linux_Trojan_Badbee
Windows_Hacktool_PhysMem
Windows_Trojan_Guloader
Multi_Hacktool_Nps
Linux_Trojan_Merlin
Linux_Trojan_Winnti
Windows_Trojan_DownTown
Linux_Exploit_CVE_2016_5195
Linux_Trojan_Dnsamp
Linux_Hacktool_Bruteforce
Linux_Trojan_Dropperl
Linux_Trojan_Ebury
Windows_Trojan_Danabot
Windows_VulnDriver_Lha
Windows_Hacktool_WinPEAS_ng
Windows_VulnDriver_Rtkio
Linux_Hacktool_Aduh
Windows_PUP_Generic
Linux_Trojan_Setag
Windows_Trojan_Bughatch
Linux_Webshell_Generic
Linux_Trojan_Subsevux
Linux_Backdoor_Python
Windows_Hacktool_SharpLAPS
Linux_Trojan_Generic
Linux_Trojan_Ddostf
Windows_Trojan_DoorMe
Linux_Exploit_Wuftpd
Linux_Trojan_Psybnc
Windows_Trojan_Sythe
Windows_Trojan_Gh0st
Linux_Cryptominer_Stak
Linux_Exploit_Alie
Windows_Ransomware_Hive
MacOS_Hacktool_Bifrost
Windows_Trojan_Emotet
Windows_Trojan_XtremeRAT
Windows_Trojan_Bazar
MacOS_Trojan_HLoader
Windows_Hacktool_SharpUp
Windows_Trojan_SystemBC
Linux_Cryptominer_Flystudio
Windows_Trojan_DarkGate
Windows_Trojan_LegionLoader
Linux_Cryptominer_Xpaj
Windows_Ransomware_Lockbit
Windows_Trojan_Lumma
Windows_Virus_Neshta
Windows_Trojan_TwistedTinsel
Windows_VulnDriver_Mhyprot
Windows_Trojan_M0yv
Windows_Trojan_Nimplant
Linux_Exploit_CVE_2014_3153
Windows_PUP_Veriato
Windows_VulnDriver_IoBitUnlocker
Windows_Trojan_Dridex
Windows_Ransomware_Dharma
Linux_Hacktool_Fontonlake
Windows_Trojan_Octopus
Windows_Trojan_Formbook
yara
yara2022-07-28 SharpTongue SharpTongue Deploys Clever Mail-Stealing Browser Extension SHARPEXT
yaraindicators
yaraindicatorsindicators
yara2022-08-10 Mass exploitation of (Un)authenticated Zimbra RCE CVE-2022-27925
yaraindicatorsindicatorsindicators
yaraindicatorsindicatorsindicatorsindicators
yaraindicatorsindicatorsindicatorsindicatorsindicators
yaraindicatorsindicatorsindicatorsindicatorsindicatorsindicators
yaraindicatorsindicatorsindicatorsindicatorsindicatorsindicatorsindicators
yaraindicatorsindicatorsindicatorsindicatorsindicatorsindicatorsindicatorsindicators
rules
rulesindicators
yara2023-03-07 AVBurner
rulesindicatorsindicators
yaraindicatorsindicatorsindicatorsindicatorsindicatorsindicatorsindicatorsindicatorsindicators
rulesindicatorsindicatorsindicators
rulesindicatorsindicatorsindicatorsindicators
rules2024-02-13 CharmingCypress
arkei_stealer
flusihoc
darksky_http
kardon_loader
merocota
konni
ovidiy
diamond_fox
sandboxdetect
UserDB
GeorBotBinary
urausy_skypedat
APT_NGO_wuaclt
userdb_panda
eppackersigs
leverage
vmdetect
mask
userdb_jclausing
hangover
epcompilersigs
flash
index
fpu
apt1
kins
APT_NGO_wuaclt_PDF
dbgdetect
avdetect
GeorBotMemory
Shylock
Citadel
Spyeye
Qadars
Ice-IX
AutoIT
Dotfuscator
XTremRat
Poisonivy
Terminator
Cerberus
Swrort
BlackShades
jRAT_conf
PlugX
DarkComet
office_document_vba
u34
installmonstr
JupyterPS
solarmarker_packer
JupyterDll
solarmarker_packer2
Jupyter_dll2
solarmarker_packer3
solarmarker
solarmarkernov2023
solarmarker_packer_may2023
solarmarker_0322
solarmarker_dropper
Word_PS_Downloader
hydraseven_loader
rat_detection
emotet_dll
vbs_downloader_jan2021
wwlib
possible_redline
suspicious_scripts
Suspicious_PowerShell_Strings
authenticode_anomalies
red_leaves
sakula
package_manager
badwinmail
pas_web_kit
generic_jsp
pbot
obfuscated_php
fopo
elf_format
cerber3
kaiten
venom
hived
Trojan_CoinMiner
MINER_Monero
RANSOM_Anatova
RANSOM_mountlocker
RANSOM_CTBLocker
RANSOM_jeff_dev
RANSOM_Sodinokibi
RANSOM_Darkside
RANSOM_netwalker
Ransom_Vovalex1
RANSOM_Suncrypt
RANSOM_Avoslocker
RANSOM_makop
RANSOM_Nemty
Ransom_Mespinoza
RANSOM_Shiva
RANSOM_ClopRansomNote
RANSOM_Bitpaymer
RANSOM_Babuk_Packed_Feb2021
Ransom_Maze
RANSOM_BadRabbit
RANSOM_Exorcist
Ransom_Conti
RANSOM_CryptoNar
RANSOM_MegaCortex
RANSOM_amba
RANSOM_Linux_HelloKitty0721
RANSOM_wastedlocker
RANSOM_locdoor
RANSOM_termite
RANSOM_shrug2
RANSOM_wannaren
RANSOM_Cryptolocker
RANSOM_egregor
RANSOM_thiefquest
RANSOM_RobbinHood
RANSOM_Pico
RANSOM_SamSam
RANSOM_Lockbit2
RANSOM_snake_ransomware
RANSOM_LockerGoga
RANSOM_Kraken
Ransom_Win_BlackCat_public
RANSOM_ragnarlocker
RANSOM_acroware
Ransom_ThunderX
RANSOM_BabukLocker_Jan2021
RANSOM_Buran
ransom_BlackKingDom
RANSOM_Ryuk
RANSOM_Loocipher
RANSOM_MONGOLOCK
RANSOM_GPGQwerty
RANSOM_PureLocker
RANSOM_coronavirus
RANSOM_xinof
RANSOM_NEFILIM
STEALER_credstealer
STEALER_Lokibot
STEALER_EmiratesStatement
MALW_MsWordExploit_DOC
MALW_inabot_worm_pdb
MALW_medfos_pdb
MALW_backdoor_kankan_pdb
MALW_rietspoof_loader
MALW_Eicar
MALW_backdoor_havex_pdb
MALW_vbs_mykins_botnet
MALW_kelhios_botnet_pdb
MALW_festi_botnet_pdb
MALW_liquorbot
MALW_shellcode_mykins_botnet
MALDOC_rtf_bluetea_builder
MALW_likseput_backdoor_pdb
MALW_jatboss
MALW_chickdos_pdb
MALW_alina_pos_pdb
MALW_fritzfrog
MALW_dropper_demekaf_pdb
MALW_VPNfilter
MALW_Rovnix
MALW_cutwail
MALW_mangzamel_trojan_pdb
MALW_emotet
MALW_cobaltstrike
MALW_downloader_darkmegi
MALW_browser_fox_adware
MALW_dridex_p2p_pdb
MALW_screenlocker_5h311_1nj3c706
MALW_redline
MAL_cyax_sharp_loader
MALW_masslogger_stealer
MALW_Shifu
MALW_backdoor_katorxa_pdb
MALW_NionSpy
MALW_blackpos_pdb
ixeshe_bled_pdb
APT_operation_troy
APT_acidbox
flamer_pdb
APT_hangover
APT_mirage_pdb
APT_gdocupload_pdb
gauss_pdb
APT_MiniASP_pdb
APT_blackenergy_pdb
APT_manitsme_trojan_pdb
APT_turla_pdb
APT_operation_skeleton
APT_auriga_biscuit
APT_babar_pdb
APT_hikit_rootkit_pdb
enfal_pdb
APT_karkoff_dnspionaje
APT_operation_aurora
APT_Troj_HermWiper
APT_decade_of_RATs
APT_milum_wildpressure
APT_elise_pdb
APT_Operation_SoftCell
APT_Tortoiseshell_Syskit
APT_lagulon_pdb
APT_Derusbi
APT_KimSuky_dllbckdr
APT_winnti
Rekoobe
Gh0stRAT
WatchBog
HiddenWasp
Doki_Attack
Trickbot
Lazarus_2020
ChinaZ_Managers
QNAPCrypt
EvilGnome
AgeLocker
GreedyAntd
NexePirateSteal
IPStorm
Iranian_Wipers
DarkCometintezer
RussianAPT
RedDelta
APT15
badiis
rich_headers_IconicPayloads_3CX
ta410
sshdoor
invisimole
SparklingGoblin
animalfarm
prikormka
mozi
mumblehard_packer
linux-moose
kobalos
PotaoNew
stantinko
ebury
helimod
windigo-onimiki
rakos
keydnap
skip20_sqllang_hook
gazer
turla-outlook
carbon
Trojan_CoinMinerminers
MINER_Monerominers
RANSOM_Anatovaransomware
RANSOM_mountlockerransomware
RANSOM_CTBLockerransomware
RANSOM_jeff_devransomware
RANSOM_Sodinokibiransomware
RANSOM_Darksideransomware
RANSOM_netwalkerransomware
Ransom_Vovalex1ransomware
RANSOM_Suncryptransomware
RANSOM_Avoslockerransomware
RANSOM_makopransomware
RANSOM_Nemtyransomware
Ransom_Mespinozaransomware
RANSOM_Shivaransomware
RANSOM_ClopRansomNoteransomware
RANSOM_Bitpaymerransomware
RANSOM_Babuk_Packed_Feb2021ransomware
Ransom_Mazeransomware
RANSOM_BadRabbitransomware
RANSOM_Exorcistransomware
Ransom_Contiransomware
RANSOM_CryptoNarransomware
RANSOM_MegaCortexransomware
RANSOM_ambaransomware
RANSOM_Linux_HelloKitty0721ransomware
RANSOM_wastedlockerransomware
RANSOM_locdoorransomware
RANSOM_termiteransomware
RANSOM_shrug2ransomware
RANSOM_wannarenransomware
RANSOM_Cryptolockerransomware
RANSOM_egregorransomware
RANSOM_thiefquestransomware
RANSOM_RobbinHoodransomware
RANSOM_Picoransomware
RANSOM_SamSamransomware
RANSOM_Lockbit2ransomware
RANSOM_snake_ransomwareransomware
RANSOM_LockerGogaransomware
RANSOM_Krakenransomware
Ransom_Win_BlackCat_publicransomware
RANSOM_ragnarlockerransomware
RANSOM_acrowareransomware
Ransom_ThunderXransomware
RANSOM_BabukLocker_Jan2021ransomware
RANSOM_Buranransomware
ransom_BlackKingDomransomware
RANSOM_Ryukransomware
RANSOM_Loocipherransomware
RANSOM_MONGOLOCKransomware
RANSOM_GPGQwertyransomware
RANSOM_PureLockerransomware
RANSOM_coronavirusransomware
RANSOM_xinofransomware
RANSOM_NEFILIMransomware
STEALER_credstealerstealer
STEALER_Lokibotstealer
STEALER_EmiratesStatementstealer
MALW_MsWordExploit_DOCmalware
MALW_inabot_worm_pdbmalware
MALW_medfos_pdbmalware
MALW_backdoor_kankan_pdbmalware
MALW_rietspoof_loadermalware
MALW_Eicarmalware
MALW_backdoor_havex_pdbmalware
MALW_vbs_mykins_botnetmalware
MALW_kelhios_botnet_pdbmalware
MALW_festi_botnet_pdbmalware
MALW_liquorbotmalware
MALW_shellcode_mykins_botnetmalware
MALDOC_rtf_bluetea_buildermalware
MALW_likseput_backdoor_pdbmalware
MALW_jatbossmalware
MALW_chickdos_pdbmalware
MALW_alina_pos_pdbmalware
MALW_fritzfrogmalware
MALW_dropper_demekaf_pdbmalware
MALW_VPNfiltermalware
MALW_Rovnixmalware
MALW_cutwailmalware
MALW_mangzamel_trojan_pdbmalware
MALW_emotetmalware
MALW_cobaltstrikemalware
MALW_downloader_darkmegimalware
MALW_browser_fox_adwaremalware
MALW_dridex_p2p_pdbmalware
MALW_screenlocker_5h311_1nj3c706malware
MALW_redlinemalware
MAL_cyax_sharp_loadermalware
MALW_masslogger_stealermalware
MALW_Shifumalware
MALW_backdoor_katorxa_pdbmalware
MALW_NionSpymalware
MALW_blackpos_pdbmalware
ixeshe_bled_pdbAPT
APT_operation_troyAPT
APT_acidboxAPT
flamer_pdbAPT
APT_hangoverAPT
APT_mirage_pdbAPT
APT_gdocupload_pdbAPT
gauss_pdbAPT
APT_MiniASP_pdbAPT
APT_blackenergy_pdbAPT
APT_manitsme_trojan_pdbAPT
APT_turla_pdbAPT
APT_operation_skeletonAPT
APT_auriga_biscuitAPT
APT_babar_pdbAPT
APT_hikit_rootkit_pdbAPT
enfal_pdbAPT
APT_karkoff_dnspionajeAPT
APT_operation_auroraAPT
APT_Troj_HermWiperAPT
APT_decade_of_RATsAPT
APT_milum_wildpressureAPT
APT_elise_pdbAPT
APT_Operation_SoftCellAPT
APT_Tortoiseshell_SyskitAPT
APT_lagulon_pdbAPT
APT_DerusbiAPT
APT_KimSuky_dllbckdrAPT
APT_winntiAPT
windows_misc
njrat
unknown
Vjw0rm
agent_teslaDropper
wshrat
asyncratDropper
valyria
MALWARE_Emotet_OneNote_Delivery_wsf_Mar23
MALWARE_PlugX_USB_Delivery_Jun21
RANSOM_ESXiArgs_Ransomware_Bash_Feb23
formbookMalware
RANSOM_Magniber_ISO_Jan23
RANSOM_MedusaLocker_July22
RANSOM_ESXiArgs_Ransomware_Encrypt_Feb23
RANSOM_Magniber_LNK_Jan23
RANSOM_ESXiArgs_Ransomware_Python_Feb23
RANSOM_Lockbit_Black_Packer
exe
lnk
vbs
powershell
SUS_Unsigned_APPX_MSIX_Manifest_Feb23
SUS_Unsigned_APPX_MSIX_Installer_Feb23
MALWARE_OneNote_Delivery_Jan23
iso
njratRAT
n-w0rm
wshratRAT
asyncratRAT
redline_stealer
vbs_obfuscation
javascript_obfuscation
HUNT_RTF_CVE_2023_21716
download_variations
APT_Bitter_T-APT-17
Win32.Ransomware.CryptoWall
Win32.Ransomware.Jamper
Win32.Ransomware.DearCry
Win32.Ransomware.Henry
Win32.Ransomware.Gibon
ByteCode.MSIL.Ransomware.Janelle
ByteCode.MSIL.Ransomware.WildFire
Win32.Ransomware.GlobeImposter
Win32.Ransomware.Saturn
ByteCode.MSIL.Ransomware.Eternity
Win32.Ransomware.HentaiOniichan
Win32.Ransomware.PXJ
Win32.Ransomware.GusCrypter
ByteCode.MSIL.Ransomware.Apis
Win32.Ransomware.Kovter
ByteCode.MSIL.Ransomware.Pacman
ByteCode.MSIL.Ransomware.Thanos
ByteCode.MSIL.Ransomware.Venom
Win32.Ransomware.IFN643
Win32.Ransomware.Ransoc
Win32.Ransomware.CryptoBit
Win32.Ransomware.Cuba
ByteCode.MSIL.Ransomware.HarpoonLocker
Win32.Ransomware.KawaiiLocker
Win32.Ransomware.NB65
Win32.Ransomware.RegretLocker
Win64.Ransomware.Vovalex
Win32.Ransomware.Cincoo
Win64.Ransomware.Pandora
Win32.Ransomware.Kraken
Win32.Ransomware.District
Win32.Ransomware.Paradise
Win64.Ransomware.Albabat
Win32.Ransomware.Sarbloh
Win32.Ransomware.BitCrypt
Win32.Ransomware.Ransomexx
Bytecode.MSIL.Ransomware.CobraLocker
Win32.Ransomware.Jormungand
Win32.Ransomware.Sifrelendi
Win32.Ransomware.Ferrlock
Win32.Ransomware.DesuCrypt
Win32.Ransomware.Teslarvng
ByteCode.MSIL.Ransomware.GoodWill
Win32.Ransomware.Gomer
Win32.Ransomware.LockBit
Win64.Ransomware.HotCoffee
Win32.Ransomware.Encoded01
Win32.Ransomware.Ako
Win64.Ransomware.HermeticRansom
Win64.Ransomware.Ako
Win32.Ransomware.RagnarLocker
Win32.Ransomware.Clop
Win32.Ransomware.Thanatos
Win32.Ransomware.FuxSocy
Win64.Ransomware.Seth
Win64.Ransomware.DST
Win32.Ransomware.Prometey
ByteCode.MSIL.Ransomware.ZeroLocker
Win32.Ransomware.Balaclava
Win64.Ransomware.Wintenzz
Win32.Ransomware.Cryakl
Win32.Ransomware.Mafia
Win32.Ransomware.WinWord64
Win32.Ransomware.Revil
Win32.Ransomware.Rokku
Win32.Ransomware.Sanwai
Win32.Ransomware.BananaCrypt
Win32.Ransomware.Conti
Win32.Ransomware.FLKR
Win32.Ransomware.WaspLocker
Win32.Ransomware.Lorenz
ByteCode.MSIL.Ransomware.TimeCrypt
ByteCode.MSIL.Ransomware.GhosTEncryptor
Win64.Ransomware.BlackBasta
Win32.Ransomware.ASN1Encoder
ByteCode.MSIL.Ransomware.PoliceRecords
Win32.Ransomware.RansomPlus
Win32.Ransomware.Crysis
Win32.Ransomware.MedusaLocker
Win32.Ransomware.Sage
Win32.Ransomware.Hermes
ByteCode.MSIL.Ransomware.Moisha
Win32.Ransomware.NanoLocker
Win32.Ransomware.BlackBasta
Win64.Ransomware.Solaso
Win32.Ransomware.Xorist
Win64.Ransomware.WhiteBlackCrypt
Win32.Ransomware.Defray
Win32.Ransomware.Buran
Win32.Ransomware.DogeCrypt
Win32.Ransomware.MarsJoke
Win32.Ransomware.Bam2021
Win32.Ransomware.AnteFrigus
Win32.Ransomware.DarkSide
Win32.Ransomware.Koxic
Win64.Ransomware.Nokoyawa
Win32.Ransomware.Sherminator
Win32.Ransomware.Armage
Win32.Ransomware.ZeroCrypt
Win32.Ransomware.Jemd
Win32.Ransomware.Sepsis
Win32.Ransomware.Dualshot
Win32.Ransomware.Pay2Key
Linux.Ransomware.RedAlert
Win32.Ransomware.Erica
Win32.Ransomware.HakunaMatata
Win32.Ransomware.VHDLocker
ByteCode.MSIL.Ransomware.WormLocker
Win32.Ransomware.Good
Win32.Ransomware.Zeppelin
Win64.Ransomware.AntiWar
Win32.Ransomware.5ss5c
Win32.Ransomware.KillDisk
Win32.Ransomware.GarrantyDecrypt
Win64.Ransomware.SeedLocker
Win32.Ransomware.Motocos
Win32.Ransomware.Archiveus
Win64.Ransomware.Cactus
Win32.Ransomware.HowAreYou
Win32.Ransomware.BlackCat
Win32.Ransomware.Monalisa
Win32.Ransomware.Crypmic
Win64.Ransomware.Rook
Win32.Ransomware.RetMyData
Win32.Ransomware.MountLocker
ByteCode.MSIL.Ransomware.Ghostbin
Win32.Ransomware.Magniber
Win32.Ransomware.Outsider
Win32.Ransomware.SevenSevenSeven
Win32.Ransomware.WsIR
Linux.Ransomware.GwisinLocker
Win32.Ransomware.Redeemer
Win32.Ransomware.DenizKizi
Win32.Ransomware.Teslacrypt
Win32.Ransomware.Matsnu
ByteCode.MSIL.Ransomware.Namaste
Win32.Ransomware.Sigrun
Win32.Ransomware.BlackMoon
Win32.Ransomware.BlueLocker
Win32.Ransomware.Avaddon
Win32.Ransomware.Wastedlocker
ByteCode.MSIL.Ransomware.ChupaCabra
Win32.Ransomware.Alcatraz
Win32.Ransomware.Montserrat
Win32.Ransomware.WannaCry
Win32.Ransomware.Zeoticus
Win32.Ransomware.Badbeeteam
Win32.Ransomware.TargetCompany
Win32.Ransomware.Velso
Win64.Ransomware.RedRoman
Win32.Ransomware.Marlboro
Win32.Ransomware.DMR
ByteCode.MSIL.Ransomware.Dusk
Win32.Ransomware.FenixLocker
Win32.Ransomware.CryptoJoker
Win32.Ransomware.FarAttack
Win32.Ransomware.Major
Win32.Ransomware.LeChiffre
Win32.Ransomware.Ryuk
Win32.Ransomware.Satana
ByteCode.MSIL.Ransomware.EAF
Win32.Ransomware.Networm
ByteCode.MSIL.Ransomware.Hog
Win32.Ransomware.PrincessLocker
Win32.Ransomware.Afrodita
Win32.Ransomware.Spora
Win32.Ransomware.BKRansomware
Win32.Ransomware.Babuk
Win32.Ransomware.DirtyDecrypt
Win32.Ransomware.Petya
Win32.Ransomware.Gpcode
Win32.Ransomware.BandarChor
ByteCode.MSIL.Ransomware.Invert
Win32.Ransomware.HydraCrypt
Win32.Ransomware.Knot
Win32.Ransomware.Zoldon
Win32.Ransomware.Reveton
Win32.Ransomware.MZP
Win32.Ransomware.OphionLocker
Win32.Ransomware.CryptoLocker
Win32.Ransomware.Dragon
Win32.Ransomware.AvosLocker
Win32.Ransomware.FCT
Win64.Ransomware.Curator
Win32.Ransomware.JSWorm
Win32.Ransomware.TechandStrat
Win32.Ransomware.GPGQwerty
Win32.Ransomware.Serpent
Win32.Ransomware.Makop
Win32.Ransomware.Oni
Win32.Ransomware.Plague17
Win32.Ransomware.BrainCrypt
Win32.Ransomware.CryptoFortress
Win32.Ransomware.HDMR
Win32.Ransomware.Nefilim
Win32.Ransomware.Ouroboros
Win64.Ransomware.AwesomeScott
Win32.Ransomware.Skystars
Linux.Ransomware.KillDisk
Win32.Ransomware.Flamingo
Win32.Ransomware.Ladon
Linux.Ransomware.LuckyJoe
ByteCode.MSIL.Ransomware.Fantom
Win32.Ransomware.TorrentLocker
Win32.Ransomware.Horsedeal
Win32.Ransomware.Delphimorix
ByteCode.MSIL.Ransomware.Oct
Win32.Ransomware.HDDCryptor
Win32.Ransomware.Termite
Win32.Ransomware.Zhen
Win32.Ransomware.JuicyLemon
Win32.Ransomware.TeleCrypt
Win32.Ransomware.ShadowCryptor
Win32.Ransomware.BadBlock
ByteCode.MSIL.Ransomware.Cring
ByteCode.MSIL.Ransomware.TaRRaK
ByteCode.MSIL.Ransomware.Khonsari
Win32.Ransomware.Dharma
Win32.Ransomware.Maktub
Win32.Ransomware.ChiChi
Win32.Ransomware.Acepy
Win32.Ransomware.GandCrab
Win32.Ransomware.MRAC
Win32.Ransomware.Blitzkrieg
Win32.Ransomware.TBLocker
ByteCode.MSIL.Ransomware.McBurglar
Win32.Ransomware.NotPetya
ByteCode.MSIL.Ransomware.Povlsomware
ByteCode.MSIL.Ransomware.Retis
Win32.Ransomware.DMALocker
Win32.Ransomware.LooCipher
Win32.Ransomware.Atlas
Win32.Ransomware.Meow
Win32.Ransomware.Lolkek
Win32.Ransomware.Crypren
Win32.Ransomware.Sifreli
ByteCode.MSIL.Ransomware.TimeTime
Win32.Ransomware.Nemty
Win32.Ransomware.Satan
Win32.Ransomware.Kangaroo
Win32.Ransomware.Ragnarok
Win32.Ransomware.VegaLocker
Win32.Ransomware.InfoDot
blocklist
Win32.Virus.Awfull
Win32.Virus.Cmay
Win32.Virus.Negt
Linux.Virus.Vit
Win32.Virus.Elerad
Win32.Virus.Mocket
Win32.Virus.DeadCode
Win32.Virus.Greenp
Win32.Infostealer.LumarStealer
Win32.Infostealer.ProjectHookPOS
Win32.Infostealer.MultigrainPOS
Win32.Infostealer.StealC
Win32.Trojan.CaddyWiper
Win32.Trojan.HermeticWiper
Win32.Trojan.Emotet
Win32.Trojan.BiBiWiper
Linux.Trojan.BiBiWiper
Linux.Trojan.AcidRain
Win32.Trojan.Dridex
Win32.Trojan.IsaacWiper
Win32.Trojan.TrickBot
Win32.Exploit.CVE20200601
Win32.PUA.Domaiq
Win32.Backdoor.Konni
Win64.Backdoor.Konni
Linux.Backdoor.Linodas
ByteCode.MSIL.Backdoor.AsyncRAT
Win64.Backdoor.SideTwist
ByteCode.MSIL.Backdoor.Menorah
Win64.Backdoor.Minodo
ByteCode.MSIL.Backdoor.AgentRacoon
ByteCode.MSIL.Backdoor.LimeRAT
Linux.Backdoor.Krasue
Win32.Downloader.dlMarlboro
crypto_signatures
packer
rich
deathransom
netwalker
mountLockerV2_unpacked
wannacry
germanwiper
ICMLuaUtil_UACMe_M41
huan_crypter
zipExec_crypter
danabot_main
revil_linux
ezuri_revised
blackmatter_linux_encryptor
esxi_commands_ransomware
blackmatter_linux_decryptor
html_wasm
onenote_repeated_files
pdf_mht_activemime
msg_cve_2023_23397
onenote_rtlo_filename
zpaq_archives
onenote_windows_script_encoding_file
packers
anti_monitoring
Detect_DisableSEC_Unprotect
anti_debugging
anti_av
Detect_Monitoring_Unprotect
network_evasion
Detect_InjectCode_Unprotect
process_manipulating
Detect_DisableAV_Unprotect
DNSpionage
APT34_VALUEVAULT
APT34_PICKPOCKET
APT34_LONGWATCH
KPOT_v2
APT32_KerrDown
SilentTrinity_Payload
avemaria_warzone
EvilGnome_Linux
TA505_FlowerPippi
ACBackdoor_Linux
Dacls_Windows
winnti_linux
RedGhost_Linux
SilentTrinity_Delivery
APT32_Ratsnif
crescentcore_dmg
REMCOS_RAT_2019
Glupteba
godlua_linux
WatchBog_Linux
JSWorm
Dacls_Linux

Failed Tests

Detect_Sandbox_Unprotect
anti_sandboxing
dangerous-sites
suspicious_sites
ft_zip
findcrypt
powershell_obfuscation
svg_onload_onerror
packer_compiler_signatures
compiler

Issues

FILE   extern/frame_interpolation/moment.gif

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'VBoX' 4 16739387 0 b'VBoX'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'VBoX' 4 16739387 0 b'VBoX'
anti_sandboxing VBox_Detection $data1 False () b'VBoX' 4 16739387 0 b'VBoX'
anti_sandboxing VBox_Detection $dev3 False () b'VBoX' 4 16739387 0 b'VBoX'

FILE   extern/frame_interpolation/README.md

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
dangerous-sites SUSP_Websites $site_3 False christian-byrne () b'https://drive.google.com' 24 4500 0 b'https://drive.google.com'
suspicious_sites SUSP_Websites $site_3 False SECUINFRA Falcon Team () b'https://drive.google.com' 24 4500 0 b'https://drive.google.com'

FILE   extern/GFPGAN/tests/data/test_eye_mouth_landmarks.pth

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
ft_zip File type signature for basic ZIP files. ft_zip $pk False Jason Batchelor (Emerson) 20141217 b'PK\x03\x04' 4 0 0 b'PK\x03\x04'

FILE   extern/GFPGAN/inputs/whole_imgs/Blake_Lively.jpg

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
findcrypt Big_Numbers1 $c0 False _pusher_ () b'3B4FA5DCFE8411E68D2FD78047BA731E' 32 586 0 b'3B4FA5DCFE8411E68D2FD78047BA731E'
findcrypt Big_Numbers1 $c0 False _pusher_ () b'3B4FA5DBFE8411E68D2FD78047BA731E' 32 646 0 b'3B4FA5DBFE8411E68D2FD78047BA731E'
findcrypt Big_Numbers1 $c0 False _pusher_ () b'A35BF4747CFEE611997EACFC5D106142' 32 774 0 b'A35BF4747CFEE611997EACFC5D106142'

FILE   extern/GFPGAN/README.md

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
dangerous-sites SUSP_Websites $site_3 False christian-byrne () b'https://drive.google.com' 24 9709 0 b'https://drive.google.com'
suspicious_sites SUSP_Websites $site_3 False SECUINFRA Falcon Team () b'https://drive.google.com' 24 9709 0 b'https://drive.google.com'

FILE   utils.py

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
dangerous-sites SUSP_Websites $site_3 False christian-byrne () b'https://drive.google.com' 24 18945 0 b'https://drive.google.com'
suspicious_sites SUSP_Websites $site_3 False SECUINFRA Falcon Team () b'https://drive.google.com' 24 18945 0 b'https://drive.google.com'

FILE   examples/02-film_interpolation.json

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
findcrypt Big_Numbers0 $c0 False _pusher_ () b'18446744073709552000' 20 2724 0 b'18446744073709552000'
findcrypt Big_Numbers0 $c0 False _pusher_ () b'18446744073709552000' 20 8633 0 b'18446744073709552000'
findcrypt Big_Numbers0 $c0 False _pusher_ () b'18446744073709552000' 20 16429 0 b'18446744073709552000'

FILE   web/extern/shodown.min.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 9781 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 9810 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 9943 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10025 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10103 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10126 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10147 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10168 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10289 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10324 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10704 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10841 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 12978 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39219 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39241 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39263 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39286 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39307 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39430 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39497 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39956 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 39978 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 40189 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 40212 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 40233 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 41345 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 42628 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 42784 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 42911 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 42935 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 43200 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 43270 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 43375 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 43504 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 43561 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 43807 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 44523 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 44540 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 44805 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 44823 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 44840 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45592 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45631 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45663 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45683 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45791 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45818 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45878 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 45901 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46172 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46403 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46424 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46533 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46735 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46813 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 46839 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48259 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48288 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48313 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48408 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48432 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48622 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 48825 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49115 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49170 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49207 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49229 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49454 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49508 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49762 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49784 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49805 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 49826 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50115 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50183 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50219 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50281 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50358 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50654 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50933 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 50954 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 51094 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 51285 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 51841 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 51864 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 51883 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 52497 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 52854 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53084 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53426 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53453 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53493 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53541 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53846 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53964 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 54817 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 54985 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55506 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55524 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55545 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55564 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55583 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55653 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55671 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55693 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55714 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55734 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55757 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55907 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 55971 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 56382 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 56422 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 56463 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 56829 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 56992 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57015 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57116 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57266 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57289 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57539 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57602 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57820 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57850 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 57995 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58160 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58405 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58496 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58576 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58653 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58756 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58848 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58969 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 59085 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 59188 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 59286 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 59395 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 59491 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 59718 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60071 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60252 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60439 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60662 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60723 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60812 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60844 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 60884 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 61577 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 61745 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 61924 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62119 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62207 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62314 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62421 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62443 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62467 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62491 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62694 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62729 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62920 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62941 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 63118 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 63390 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 63416 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 63540 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 63561 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 63799 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 64518 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 64550 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 64770 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 65180 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 65277 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 65400 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 65621 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 65800 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 65984 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 66044 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 66767 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 67318 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 67372 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 67504 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 67841 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 67913 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 67987 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 68071 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 68153 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 68391 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 70822 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 70845 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 73613 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74607 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74627 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74711 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74741 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74770 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74793 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74839 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74876 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74915 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 74950 0 b'replace('

FILE   web/note_plus.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1643 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1656 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1679 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1643 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1656 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1679 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1643 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1656 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1679 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1643 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1656 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1679 0 b'vbox'

FILE   scripts/download_models.py

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
dangerous-sites SUSP_Websites $site_3 False christian-byrne () b'https://drive.google.com' 24 1705 0 b'https://drive.google.com'
suspicious_sites SUSP_Websites $site_3 False SECUINFRA Falcon Team () b'https://drive.google.com' 24 1705 0 b'https://drive.google.com'

FILE   __pycache__/utils.cpython-310.pyc

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
dangerous-sites SUSP_Websites $site_3 False christian-byrne () b'https://drive.google.com' 24 15339 0 b'https://drive.google.com'
suspicious_sites SUSP_Websites $site_3 False SECUINFRA Falcon Team () b'https://drive.google.com' 24 15339 0 b'https://drive.google.com'

FILE   html/js/saveTableData.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 147 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 237 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 147 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 237 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 147 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 237 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 147 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 237 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 147 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 237 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 147 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 237 0 b'identifier'

FILE   web_async/ace/mode-typescript.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'

FILE   web_async/ace/worker-css.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 98534 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 104107 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 561 0 b'onerror'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 95554 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 96393 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 105848 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 105869 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 106161 0 b'onError'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 81994 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 100273 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 81994 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 100273 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 81994 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 100273 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 81994 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 100273 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 81994 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 100273 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 81994 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 100273 0 b'identifier'

FILE   web_async/ace/ext-emmet.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 730 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 1352 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 1422 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 3408 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5111 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5375 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5489 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 6991 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10421 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10605 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 11471 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 11633 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 14912 0 b'replace('

FILE   web_async/ace/ext-options.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 7949 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 7959 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 7949 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 7959 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 7949 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 7959 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 7949 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 7959 0 b'vbox'

FILE   web_async/ace/theme-crimson_editor.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 611 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 611 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 611 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 611 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 611 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 611 0 b'identifier'

FILE   web_async/ace/theme-gruvbox_dark_hard.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 25 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 111 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 205 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 292 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 389 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 450 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 537 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 667 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 760 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 895 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 984 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1068 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1165 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1279 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1341 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1416 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1497 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1560 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1635 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1723 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1796 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1871 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1946 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2040 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2112 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2183 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2245 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2337 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2398 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2470 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2555 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2618 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2694 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2771 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2838 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2928 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3011 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3089 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3162 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3232 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3466 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3526 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3608 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3642 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3804 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 25 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 111 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 205 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 292 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 389 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 450 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 537 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 667 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 760 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 895 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 984 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1068 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1165 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1279 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1341 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1416 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1497 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1560 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1635 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1723 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1796 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1871 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1946 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2040 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2112 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2183 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2245 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2337 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2398 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2470 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2555 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2618 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2694 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2771 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2838 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2928 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3011 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3089 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3162 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3232 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3466 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3526 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3608 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3642 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3804 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 25 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 111 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 205 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 292 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 389 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 450 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 537 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 667 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 760 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 895 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 984 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1068 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1165 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1279 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1341 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1416 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1497 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1560 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1635 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1723 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1796 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1871 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1946 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2040 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2112 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2183 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2245 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2337 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2398 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2470 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2555 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2618 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2694 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2771 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2838 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2928 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3011 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3089 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3162 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3232 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3466 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3526 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3608 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3642 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3804 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 25 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 111 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 205 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 292 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 389 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 450 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 537 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 667 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 760 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 895 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 984 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1068 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1165 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1279 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1341 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1416 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1497 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1560 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1635 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1723 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1796 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1871 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1946 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2040 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2112 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2183 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2245 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2337 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2398 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2470 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2555 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2618 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2694 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2771 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2838 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2928 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3011 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3089 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3162 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3232 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3466 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3526 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3608 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3642 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3804 0 b'vbox'

FILE   web_async/ace/mode-markdown.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 60733 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 56751 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 56760 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 56775 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 56794 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 56674 0 b'onerror'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 15498 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 22894 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 67344 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 15498 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 22894 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 67344 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 15498 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 22894 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 67344 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 15498 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 22894 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 67344 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 15498 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 22894 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 67344 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 15498 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 22894 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 67344 0 b'identifier'

FILE   web_async/ace/ext-language_tools.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 730 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 1352 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 1422 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 3408 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5111 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5375 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5489 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 6991 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10421 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10605 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 11471 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 11633 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 14912 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 52166 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 52234 0 b'replace('
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'

FILE   web_async/ace/ext-error_marker.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext

FILE   web_async/ace/mode-svg.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 15716 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 23112 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 15716 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 23112 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 15716 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 23112 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 15716 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 23112 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 15716 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 23112 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 15716 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 23112 0 b'identifier'

FILE   web_async/ace/ext-prompt.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 9816 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10438 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10508 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 12494 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 14197 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 14461 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 14575 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 16077 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19507 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19691 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20557 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20719 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 23998 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 53767 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 58138 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 61767 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62512 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62801 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 62852 0 b'replace('
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'

FILE   web_async/ace/mode-javascript.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'

FILE   web_async/ace/ext-settings_menu.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 7949 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 7959 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 7949 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 7959 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 7949 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 7959 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 7949 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 7959 0 b'vbox'

FILE   web_async/ace/snippets/json5.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext

FILE   web_async/ace/snippets/typescript.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext

FILE   web_async/ace/snippets/json.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext

FILE   web_async/ace/worker-base.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 134 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 949 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 969 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 991 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19306 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19360 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19903 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19984 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20006 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20028 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20050 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20123 0 b'replace('

FILE   web_async/ace/worker-json.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 134 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 949 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 969 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 991 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19306 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19360 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19903 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 19984 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20006 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20028 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20050 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 20123 0 b'replace('

FILE   web_async/ace/ext-themelist.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 512 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 522 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 512 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 522 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 512 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 522 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 512 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 522 0 b'vbox'

FILE   web_async/ace/theme-gruvbox.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 25 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 101 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 176 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 246 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 301 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 395 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 493 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 546 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 622 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 673 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 727 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 794 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 848 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 915 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 981 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1033 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1086 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1152 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1205 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1271 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1340 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1420 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1531 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1609 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1809 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2033 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2083 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2155 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2179 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2334 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 25 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 101 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 176 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 246 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 301 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 395 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 493 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 546 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 622 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 673 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 727 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 794 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 848 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 915 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 981 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1033 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1086 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1152 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1205 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1271 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1340 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1420 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1531 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1609 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1809 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2033 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2083 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2155 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2179 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2334 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 25 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 101 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 176 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 246 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 301 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 395 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 493 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 546 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 622 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 673 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 727 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 794 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 848 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 915 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 981 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1033 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1086 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1152 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1205 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1271 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1340 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1420 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1531 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1609 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1809 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2033 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2083 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2155 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2179 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2334 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 25 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 101 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 176 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 246 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 301 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 395 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 493 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 546 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 622 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 673 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 727 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 794 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 848 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 915 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 981 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1033 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1086 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1152 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1205 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1271 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1340 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1420 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1531 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1609 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1809 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2033 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2083 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2155 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2179 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2334 0 b'vbox'

FILE   web_async/ace/ext-inline_autocomplete.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 730 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 1352 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 1422 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 3408 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5111 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5375 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 5489 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 6991 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10421 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 10605 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 11471 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 11633 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 14912 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 64560 0 b'replace('
powershell_obfuscation OBFUS_PowerShell_Common_Replace $replace False SECUINFRA Falcon Team () b'replace(' 8 64628 0 b'replace('
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31106 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31257 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31507 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31528 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31598 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 31675 0 b'Identifier'

FILE   web_async/ace/mode-python.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 1176 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 1176 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 1176 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 1176 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 1176 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 1176 0 b'identifier'

FILE   web_async/ace/worker-javascript.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488547 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488562 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488587 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488609 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488635 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488647 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488673 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488694 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488721 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488751 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488771 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488793 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488819 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488841 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488862 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488887 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488908 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488933 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488956 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 488977 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489011 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489030 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489051 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489079 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489102 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489116 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489136 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489158 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489170 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489196 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489219 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489258 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489278 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489296 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489314 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489329 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489343 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489365 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489391 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489412 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489444 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489465 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489492 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489525 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489550 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489580 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489611 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489642 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489670 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489691 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489712 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489733 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489754 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489775 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489803 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489824 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489845 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489870 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489896 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489918 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489944 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 489976 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490001 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490021 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490047 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490067 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490107 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490126 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490144 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490166 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490194 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490220 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490245 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490270 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490297 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490312 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490331 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490353 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490375 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490394 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490409 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490428 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490444 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490457 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490474 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490492 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490520 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490536 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490555 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490575 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490593 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490606 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490628 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490654 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490667 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490684 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490696 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490714 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490728 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490748 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490768 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490791 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490820 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490849 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490884 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490919 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490952 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 490985 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491024 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491063 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491086 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491119 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491152 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491175 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491206 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491237 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491255 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491278 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491301 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491322 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491334 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491350 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491371 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491393 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491419 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491447 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491458 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491476 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491498 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491501 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491515 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491535 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491552 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491570 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491587 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491602 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491621 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491641 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491661 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491679 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491698 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491710 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491735 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491753 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491775 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491804 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491823 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491839 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491859 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491879 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491898 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491914 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491931 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491950 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491968 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 491983 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 488161 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 561 0 b'onerror'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 488139 0 b'onerror'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 496422 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 497947 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 497985 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 498428 0 b'onError'
findcrypt Big_Numbers0 $c0 False _pusher_ () b'7976931348623157e308' 20 339759 0 b'7976931348623157e308'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 22546 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 22734 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 22762 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 22817 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 31915 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 40592 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 346895 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 360481 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 361391 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 361428 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 361465 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 361503 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 366993 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 368893 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 369631 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 369789 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 370169 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 370238 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 370310 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 371240 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 371477 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 371725 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 371775 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 372408 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 372795 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 373753 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 375118 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 375535 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 375613 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 377376 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 378396 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 380002 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 381437 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 386756 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 387108 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 387617 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 387883 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 388904 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 389000 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 389625 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 392469 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 392491 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 392510 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 392776 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 397254 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 397691 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 398092 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 398914 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 399373 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 400697 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 402992 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 404511 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 406310 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 406623 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 407087 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 407132 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 407387 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 407581 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 409449 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 409837 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 412783 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 413168 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 413630 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 415255 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 415637 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 416108 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 416414 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 416658 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 417041 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 417086 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 417274 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 418787 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 419047 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 419294 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 420986 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 421096 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 423323 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 424979 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 426818 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 426850 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 429959 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 429989 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 430019 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 430062 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 430107 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 430138 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 434663 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 435459 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 435625 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 446235 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 447536 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 447892 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 447909 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 448007 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 448234 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 449633 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 449663 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 449837 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 450859 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 450908 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 450941 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 450989 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 451029 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 451087 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 451131 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 451185 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 452711 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 455674 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 459502 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 462640 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 465023 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 476524 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 476670 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 476818 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 484905 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 22546 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 22734 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 22762 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 22817 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 31915 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 40592 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 346895 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 360481 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 361391 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 361428 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 361465 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 361503 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 366993 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 368893 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 369631 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 369789 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 370169 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 370238 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 370310 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 371240 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 371477 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 371725 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 371775 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 372408 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 372795 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 373753 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 375118 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 375535 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 375613 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 377376 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 378396 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 380002 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 381437 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 386756 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 387108 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 387617 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 387883 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 388904 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 389000 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 389625 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 392469 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 392491 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 392510 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 392776 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 397254 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 397691 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 398092 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 398914 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 399373 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 400697 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 402992 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 404511 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 406310 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 406623 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 407087 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 407132 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 407387 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 407581 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 409449 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 409837 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 412783 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 413168 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 413630 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 415255 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 415637 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 416108 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 416414 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 416658 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 417041 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 417086 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 417274 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 418787 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 419047 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 419294 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 420986 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 421096 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 423323 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 424979 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 426818 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 426850 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 429959 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 429989 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 430019 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 430062 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 430107 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 430138 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 434663 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 435459 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 435625 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 446235 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 447536 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 447892 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 447909 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 448007 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 448234 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 449633 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 449663 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 449837 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 450859 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 450908 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 450941 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 450989 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 451029 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 451087 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 451131 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 451185 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 452711 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 455674 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 459502 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 462640 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 465023 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 476524 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 476670 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 476818 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 484905 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 22546 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 22734 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 22762 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 22817 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 31915 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 40592 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 346895 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 360481 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 361391 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 361428 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 361465 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 361503 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 366993 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 368893 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 369631 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 369789 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 370169 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 370238 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 370310 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 371240 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 371477 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 371725 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 371775 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 372408 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 372795 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 373753 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 375118 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 375535 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 375613 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 377376 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 378396 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 380002 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 381437 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 386756 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 387108 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 387617 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 387883 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 388904 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 389000 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 389625 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 392469 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 392491 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 392510 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 392776 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 397254 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 397691 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 398092 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 398914 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 399373 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 400697 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 402992 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 404511 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 406310 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 406623 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 407087 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 407132 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 407387 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 407581 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 409449 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 409837 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 412783 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 413168 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 413630 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 415255 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 415637 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 416108 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 416414 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 416658 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 417041 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 417086 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 417274 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 418787 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 419047 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 419294 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 420986 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 421096 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 423323 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 424979 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 426818 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 426850 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 429959 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 429989 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 430019 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 430062 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 430107 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 430138 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 434663 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 435459 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 435625 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 446235 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 447536 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 447892 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 447909 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 448007 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 448234 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 449633 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 449663 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 449837 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 450859 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 450908 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 450941 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 450989 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 451029 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 451087 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 451131 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 451185 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 452711 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 455674 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 459502 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 462640 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 465023 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 476524 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 476670 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 476818 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 484905 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 22546 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 22734 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 22762 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 22817 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 31915 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 40592 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 346895 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 360481 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 361391 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 361428 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 361465 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 361503 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 366993 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 368893 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 369631 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 369789 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 370169 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 370238 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 370310 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 371240 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 371477 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 371725 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 371775 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 372408 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 372795 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 373753 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 375118 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 375535 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 375613 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 377376 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 378396 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 380002 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 381437 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 386756 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 387108 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 387617 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 387883 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 388904 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 389000 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 389625 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 392469 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 392491 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 392510 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 392776 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 397254 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 397691 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 398092 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 398914 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 399373 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 400697 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 402992 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 404511 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 406310 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 406623 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 407087 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 407132 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 407387 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 407581 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 409449 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 409837 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 412783 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 413168 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 413630 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 415255 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 415637 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 416108 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 416414 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 416658 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 417041 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 417086 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 417274 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 418787 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 419047 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 419294 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 420986 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 421096 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 423323 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 424979 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 426818 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 426850 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 429959 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 429989 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 430019 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 430062 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 430107 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 430138 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 434663 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 435459 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 435625 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 446235 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 447536 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 447892 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 447909 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 448007 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 448234 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 449633 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 449663 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 449837 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 450859 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 450908 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 450941 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 450989 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 451029 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 451087 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 451131 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 451185 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 452711 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 455674 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 459502 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 462640 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 465023 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 476524 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 476670 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 476818 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 484905 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 22546 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 22734 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 22762 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 22817 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 31915 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 40592 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 346895 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 360481 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 361391 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 361428 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 361465 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 361503 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 366993 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 368893 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 369631 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 369789 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 370169 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 370238 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 370310 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 371240 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 371477 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 371725 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 371775 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 372408 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 372795 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 373753 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 375118 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 375535 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 375613 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 377376 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 378396 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 380002 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 381437 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 386756 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 387108 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 387617 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 387883 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 388904 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 389000 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 389625 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 392469 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 392491 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 392510 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 392776 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 397254 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 397691 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 398092 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 398914 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 399373 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 400697 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 402992 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 404511 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 406310 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 406623 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 407087 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 407132 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 407387 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 407581 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 409449 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 409837 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 412783 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 413168 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 413630 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 415255 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 415637 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 416108 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 416414 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 416658 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 417041 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 417086 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 417274 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 418787 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 419047 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 419294 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 420986 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 421096 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 423323 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 424979 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 426818 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 426850 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 429959 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 429989 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 430019 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 430062 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 430107 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 430138 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 434663 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 435459 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 435625 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 446235 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 447536 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 447892 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 447909 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 448007 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 448234 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 449633 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 449663 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 449837 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 450859 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 450908 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 450941 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 450989 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 451029 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 451087 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 451131 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 451185 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 452711 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 455674 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 459502 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 462640 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 465023 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 476524 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 476670 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 476818 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 484905 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 22546 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 22734 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 22762 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 22817 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 31915 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 40592 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 346895 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 360481 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 361391 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 361428 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 361465 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 361503 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 366993 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 368893 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 369631 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 369789 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 370169 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 370238 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 370310 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 371240 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 371477 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 371725 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 371775 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 372408 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 372795 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 373753 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 375118 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 375535 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 375613 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 377376 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 378396 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 380002 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 381437 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 386756 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 387108 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 387617 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 387883 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 388904 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 389000 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 389625 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 392469 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 392491 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 392510 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 392776 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 397254 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 397691 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 398092 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 398914 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 399373 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 400697 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 402992 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 404511 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 406310 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 406623 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 407087 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 407132 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 407387 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 407581 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 409449 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 409837 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 412783 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 413168 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 413630 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 415255 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 415637 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 416108 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 416414 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 416658 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 417041 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 417086 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 417274 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 418787 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 419047 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 419294 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 420986 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 421096 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 423323 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 424979 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 426818 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 426850 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 429959 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 429989 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 430019 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 430062 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 430107 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 430138 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 434663 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 435459 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 435625 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 446235 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 447536 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 447892 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 447909 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 448007 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 448234 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 449633 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 449663 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 449837 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 450859 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 450908 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 450941 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 450989 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 451029 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 451087 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 451131 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 451185 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 452711 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 455674 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 459502 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 462640 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 465023 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 476524 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 476670 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 476818 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 484905 0 b'Identifier'

FILE   web_async/ace/theme-ambiance.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 2538 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 2538 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 2538 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 2538 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 2538 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 2538 0 b'identifier'

FILE   web_async/ace/ace.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 61061 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 61086 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 294747 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 303502 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 303534 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 303576 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 303601 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 305668 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 347798 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 347985 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 350841 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 350898 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 351343 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 351402 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 351886 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 351942 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 352487 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 352549 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 354310 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 354374 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 362859 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 363127 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 403614 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'Svg' 3 403668 0 b'Svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 11702 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 11818 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 407988 0 b'onerror'

FILE   web_async/ace/theme-gruvbox_light_hard.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 25 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 112 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 207 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 295 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 390 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 452 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 540 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 671 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 765 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 898 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 988 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1073 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1171 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1283 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1346 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1422 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1504 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1568 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1644 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1733 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1807 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1883 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 1959 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2054 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2127 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2199 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2262 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2355 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2417 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2490 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2576 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2640 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2717 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2795 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2863 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 2954 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3038 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3117 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3191 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3262 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3479 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3813 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3874 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3957 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 3992 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $data1 False () b'vbox' 4 4155 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 25 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 112 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 207 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 295 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 390 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 452 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 540 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 671 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 765 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 898 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 988 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1073 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1171 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1283 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1346 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1422 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1504 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1568 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1644 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1733 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1807 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1883 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 1959 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2054 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2127 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2199 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2262 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2355 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2417 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2490 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2576 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2640 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2717 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2795 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2863 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 2954 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3038 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3117 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3191 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3262 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3479 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3813 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3874 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3957 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 3992 0 b'vbox'
Detect_Sandbox_Unprotect VBox_Detection $dev3 False () b'vbox' 4 4155 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 25 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 112 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 207 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 295 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 390 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 452 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 540 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 671 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 765 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 898 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 988 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1073 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1171 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1283 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1346 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1422 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1504 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1568 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1644 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1733 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1807 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1883 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 1959 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2054 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2127 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2199 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2262 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2355 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2417 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2490 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2576 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2640 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2717 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2795 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2863 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 2954 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3038 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3117 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3191 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3262 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3479 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3813 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3874 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3957 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 3992 0 b'vbox'
anti_sandboxing VBox_Detection $data1 False () b'vbox' 4 4155 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 25 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 112 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 207 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 295 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 390 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 452 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 540 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 671 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 765 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 898 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 988 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1073 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1171 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1283 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1346 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1422 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1504 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1568 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1644 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1733 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1807 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1883 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 1959 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2054 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2127 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2199 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2262 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2355 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2417 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2490 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2576 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2640 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2717 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2795 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2863 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 2954 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3038 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3117 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3191 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3262 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3479 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3813 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3874 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3957 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 3992 0 b'vbox'
anti_sandboxing VBox_Detection $dev3 False () b'vbox' 4 4155 0 b'vbox'

FILE   web_async/ace/mode-html.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 56088 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 52106 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 52115 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 52130 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onload False delivr.to () b'onload' 6 52149 0 b'onload'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 52029 0 b'onerror'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 5824 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 13220 0 b'identifier'

FILE   web_async/ace/theme-sqlserver.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'identifier' 10 375 0 b'identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'identifier' 10 375 0 b'identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'identifier' 10 375 0 b'identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'identifier' 10 375 0 b'identifier'
anti_sandboxing VBox_Detection $dev2 False () b'identifier' 10 375 0 b'identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'identifier' 10 375 0 b'identifier'

FILE   web_async/ace/worker-html.js

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 22967 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 32484 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 33501 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 77042 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 77055 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 86219 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 86289 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 86388 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 94226 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 94243 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 94271 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 115811 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 123249 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 123285 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 123320 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'svg' 3 123414 0 b'svg'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 123421 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 123464 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 123855 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $svg False delivr.to () b'SVG' 3 124874 0 b'SVG'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onerror' 7 561 0 b'onerror'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 193866 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 195332 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 195370 0 b'onError'
svg_onload_onerror SUSP_SVG_Onload_Onerror_Jul23 $onerror False delivr.to () b'onError' 7 195813 0 b'onError'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 140934 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 140958 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 146325 0 b'Identifier'
Detect_Sandbox_Unprotect Qemu_Detection $dev2 False () b'Identifier' 10 146347 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 140934 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 140958 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 146325 0 b'Identifier'
Detect_Sandbox_Unprotect VBox_Detection $dev2 False () b'Identifier' 10 146347 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 140934 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 140958 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 146325 0 b'Identifier'
Detect_Sandbox_Unprotect VMWare_Detection $dev2 False () b'Identifier' 10 146347 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 140934 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 140958 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 146325 0 b'Identifier'
anti_sandboxing Qemu_Detection $dev2 False () b'Identifier' 10 146347 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 140934 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 140958 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 146325 0 b'Identifier'
anti_sandboxing VBox_Detection $dev2 False () b'Identifier' 10 146347 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 140934 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 140958 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 146325 0 b'Identifier'
anti_sandboxing VMWare_Detection $dev2 False () b'Identifier' 10 146347 0 b'Identifier'

FILE   errors.py

Test Name Test Description Match Rule Match String Is XOR Author Test Creation Date Matched data Length Offset XOR key Plaintext