Changed | Name |
Tools |
| 3102 RAT |
| 3PARA RAT |
| 3Rat Client |
| 404-Input-shell web shell |
| 4H RAT |
| 7Logger |
| 7-Zip |
| 888 RAT |
| 8.t Dropper, 8.t RTF exploit builder, 8t_dropper, RoyalRoad |
| 9002 RAT, McRAT, Hydraq, HOMEUNIX, Aurora, Roarur |
| AbaddonPOS |
| AceHash |
| ActionSpy |
| Acunetix Web Vulnerability Scanner |
| adbupd |
| AdFind |
| AdobeARM |
| ADORE.XSEC |
| AdvisorsBot |
| Adzok, Invisible Remote Administrator |
| Agent.BTZ, Chinch, Sun rootkit |
| Agent.DNE |
 | Agent Tesla, AgentTesla, Origin Logger |
 | agfSpy |
| Aggah |
| AIRBREAK, Orz |
| Alice, AliceATM, PrAlice, Project Alice |
| AlienSpy |
| Alina POS, Track, alina_eagle, alina_spark, aline_joker, katrina |
| Alma Communicator |
| ALPC Local PrivEsc |
| Amadey |
| AMTsol |
| Anchor |
| Andaratm |
| AndoServer |
| Android RAT |
| Andromeda, Gamarue, B106-Gamarue, B67-SS-Gamarue, b66 |
| AndroMut, Gelup |
| AndroRAT |
| Anel, UpperCut |
| Antak |
| Antd, GreedyAntd |
| Anubis, BankBot, Go_P00t |
| AnubisSpy |
| ApacheStealer |
| Apocalipto |
| AppleJeus |
 | AppleSeed |
| APT3 Keylogger |
| AresRAT, Ares |
| Aria-body, AR |
| Aria-body loader |
| ARTFULPIE |
| ArtraDownloader |
| Aryan |
| Asacub |
| ASPXSpy |
| Asruex |
| Astra |
| AsyncRAT |
| ATI-Agent |
| ATMDtrack |
| ATMii |
| ATMitch |
| Atmos |
| Atmosphere |
| ATMRipper, Ripper, Ripper ATM |
| ATMSpitter |
| AtNow |
| AuditCred, ROptimizer |
| August Stealer |
| AUMLIB, yayih, bbsinfo, mswab, Graftor |
| Auriga, Riodrv |
| AutoIt backdoor |
| Avalanche |
| Ave Maria, AVE_MARIA, AveMariaRAT, Warzone RAT, avemaria |
| Aversome infector |
| AZORult, PuffStealer, Rultazo |
| Babar, SNOWBALL |
| BABYMETAL |
| BabyShark |
| BackBend |
| BackConfig |
| Backdoor Batel, Batel |
| Backoff |
| Backspace, Lecna |
| Backswap |
| BADCALL |
| BADFLICK |
| BadHatch |
| BADNEWS |
| BadPatch |
| BadRabbit |
| Bahamut |
| Baka |
| Banatrix |
 | Bandook |
| bangat |
| Banjori, BankPatch, BackPatcher, MultiBanker 2 |
| Bankshot |
| BanSwift |
| BARBWIRE |
| Barlaiy, POISONPLUG |
| Bart |
| Bateleur |
 | BazarBackdoor, BazarLoader |
| BBSRAT |
| BeEF |
| beendoor |
| BELLHOP |
| Bemstour |
| Benghazi.exe |
| BernhardPOS |
| BetaBot, Neurevt |
| Bezigate |
| BIFROST |
| Bioazih |
| BIOLOAD |
| BISCUIT, zxdosml |
| Bisonal, Korlia |
| BISTROMATH |
| BitPaymer, FriedEx, IEncrypt |
| Bitsran, SHADYCAT |
| BitterRAT |
| BlackCoffee |
| BlackEnergy |
| Black Lambert |
| BlackMould |
| BlackPOS, FrameworkPOS, Kaptoxa, POSWDS, Reedum |
| BlackRAT |
| BlackRock |
| BLINDINGCAN |
| BlindToad |
| Blogspot |
| BloodHound |
| BLUESTEAL |
| Blue Lambert |
| Bluether |
| BokBot, IcedID, IceID |
| BONDUPDATER, Poison Frog, Glimpse |
| Bookcode |
| Bookworm |
| Boostwrite |
| BootWreck, MBRkiller |
| Bouncer |
| Bourbon |
| Bozok, Bozok RAT |
| Brambul, SierraBravo, SORRYBRUTE |
| Brave Prince |
| BreachRAT |
| Briba |
| BrowsingHistoryView |
| BrutishCommand |
| BrutPOS |
| BS2005 |
| BUBBLEWRAP |
| BUFFETLINE |
| Buhtrap, Ratopak |
 | BumbleBee |
| Buran |
| Byeby |
| Bypass-UAC |
| C0d0so0 |
| Cachedump |
| CACTUSTORCH |
| Cadelspy, Cadelle, WinSpy |
| Cahnadr, NDriver |
| Cain & Abel |
| CALENDAR |
| Calfbot |
| callCam |
| CallMe |
| Calypso RAT |
| CamCapture Plugin |
| CamuBot |
| Cannon |
| CapturaTela |
| Carbanak, Anunak, Sekur |
| CarbonSteal |
| Cardinal RAT |
| Careto, Mask, Appetite |
| CARROTBALL |
| CARROTBAT |
 | CASHY200 |
| Casper |
| Castov |
| Catchamas |
| Catelites Bot |
 | ccf32 |
| CDorked, CDorked.A |
| CenterPOS, Cerebrus |
| Cerberus |
| certutil |
| CHAINSHOT |
| ChChes, HAYMAKER, Ham Backdoor, Scorpion |
| CheeseTray, CROWDEDFLOUNDER |
| Cherry Picker, Cherry Picker POS, cherry_picker |
| ChewBacca |
| China Chopper, SinoChopper |
 | Chinoxy |
| Chocopop |
| ChromeCookiesView |
| ChromePass |
| chrome-passwords |
| Chthonic, AndroKINS |
 | Circles |
| Citadel |
| CLAMBLING |
| Clayslide |
| Cleaner |
| CleanToad |
| ClientTraficForwarder |
 | Clop, Cl0p |
| CloudDuke, MiniDionis, CloudLook |
| CLOUDSTATS |
| CmdSQL |
| Cmstar, meciv |
 | Cobalt Strike, BEACON |
| CobInt, COOLPANTS |
| Cobra Carbon System, Carbon, Pfinet |
| COLDJAVA |
| Combos |
| Comfoo, Comfoo RAT |
| Commix |
| Comnie |
| COMpfun, Reductor RAT |
| Computrace, LoJack |
| ComRAT |
| Concealment Troy |
| Confucius |
 | Conti |
| Contopee, WHITEOUT |
| CookieBag, TROJAN.COOKIES |
| COPPERHEDGE |
| CORALDECK |
| CoreBot |
| Corentry, Fluxwire |
| CORESHELL, SOURFACE, Sofacy |
| Corkow |
| CosmicDuke, TinyBaron, BotgenStudios, NemesisGemina |
 | CostaBricks |
| Cotx RAT |
| CozyDuke, CozyCar, CozyBear, Cozer, EuroAPT |
| CrackMapExec |
| Crackshot |
| Creamsicle |
| CredRaptor |
| CREDRIVER |
| Cridex, Bugat, Feodo |
| Crimson RAT, SEEDOOR, Scarimson, MSIL |
| CronBot |
| CrossRAT, Trupto |
| CrossWalk |
 | Crutch |
| Cryptcat |
| CrypticConvo |
| CryptoLocker |
| CryptoMix, CryptFile2, Zeta, CryptoShield |
| CryptoWall |
| CsExt |
 | CSPY Downloader |
| Cutlet Maker |
| Cutwail, Pushdo |
| CWoolger, Woolger, WoolenLogger |
| Cyan Lambert |
| CyberGate RAT, Rebhip |
| Cyst Downloader |
| Dacls RAT |
| DADJOKE |
| Dadstache |
| Dagger Three |
| Dairy |
| DanaBot |
| DanBot |
| DanDrop |
| DarkComet, DarkKomet, Fynloski, FYNLOS, klovbot, Krademok |
| DarkHotel |
| DarkPulsar |
| Dark Tequila |
| DarkVNC |
| DarthPusher |
| Daserf, Muirim, Nioupale |
| Datper |
| DbxDump Utility |
| DCSync |
| DDG |
| DDKONG |
| DEADEYE |
| DealersChoice |
| DebugView |
| Decebal |
| Decrypt-RDCMan.ps1 |
| DELPHSTATS |
| DeltaCharlie |
| Dendroid |
| Denis |
| Depriz |
| DeputyDog, Fexel |
| Derusbi, PHOTO, Atros2.CKPN |
| Desert Scorpion |
| Destover, Sierras |
| Dexbia |
| Dexter, LusyPOS, StarDust |
| dfrgntfs5.sqt |
| DILLJUICE |
| DILLWEED |
| Dino |
| Dirsearch |
| DIRTCLEANER, CCleaner Backdoor |
| Distribute.exe |
| DistTrack, Shamoon |
| DKMC |
| DmaUp3.exe |
| DMSniff |
| dmsSpy |
 | dneSpy |
| DNSExfitrator |
| DNSMessenger, TEXTMATE |
| DNSpionage, Agent Drable, Webmask |
| DNSRat, DNSbot |
| DOGCALL |
| DoppelPaymer |
| Dorshel |
| DoubleAgent |
| DOUBLEFANTASY |
| DoublePulsar |
| DoubleT |
| Downdelph, Delphacy |
| Downeks |
| DownPaper |
| Dozer, Mytob |
| DreamBot |
| Dridex, Bugat |
| DRIFTPIN, Toshliph, Spy.Agent.ORM |
| DRIGO |
| DroidJack, SandroRAT |
| DroidPlugin |
 | DropBook |
| Dropbox |
| Drovorub |
| Drupalgeddon |
| Dtrack |
| Dudear |
| Dudell |
| Duqu, Tilded |
| Dustman |
| DustySky, NeD Worm |
| Duuzer |
| DvDupdate.dll |
| DyePack, swift |
| Dyre, Dyreza, Dyzap, Dyranges |
| EarthWorm |
| EasyNight |
| Ebury |
| ECCENTRICBANDWAGON |
| EHDevel |
| EKANS, Snake |
| ELECTRICFISH, Alreay |
| Elirks |
| Elise, BKDR_ESILE |
| ELMER, Elmost |
| EmailStealer |
| EMASTEAL |
| Emdivi, Newsripper |
| Emissary |
 | Emotet, Geodo, Heodo |
| EmpireDNSAgent, EDA |
| EmpireProject, Empire, EmPyre, PowerShell Empire |
| Enfal, Lurid |
| Eomobi |
| Epic, Epic Turla, Tavdig, Wipbot, WorldCupSec, TadjMakhal |
| EQUATIONDRUG, EQUESTRE |
| EQUATIONLASER |
| Erebus |
| EternalBlue |
| EternalRomance |
| ETUMBOT, RIPTIDE, HIGHTIDE, Exploz, Specfix |
| EvilBunny |
| EvilGnome |
| EvilGrab RAT, EvilGrab, Vidgrab, Wmonder, BKDR_HGDER, BKDR_EVILOGE, BKDR_NVICM |
| Evilnum, Marvel |
| Exaramel |
| Excalibur, Sabresac, Saber |
| ExDudell |
| ExileRAT |
| ExoBot |
| Explosive |
| EYE |
| EYService |
| FakeFish |
| FakeHighFive |
| FakeM, FakeM RAT, Terminator RAT |
| FakeTC |
| FALLCHILL, FallChill RAT |
| FANNY |
| Farse |
| Farseer |
| FASTCash |
| FastPOS |
| FatDuke |
| Felismus |
| Felixroot, GreyEnergy mini |
| FighterPOS |
| Filerase |
 | Filepak |
 | FilepakMonitor |
| Fimlis |
| Final1stSpy |
| FindPOS, PoSeidon |
| FinFisher, FinFisher RAT, FinSpy |
| fingerprintjs2 |
| FireMalv |
| FireMaster |
| Flame, Flamer, sKyWIper, Skywiper |
| Flapjack |
| Flashflood |
| FlawedAmmyy, AmmyyRAT |
| FlawedGrace, GraceWire |
| FLIPSIDE |
| FlokiBot |
| FlowCloud |
| FLOWERPIPE |
| FlowerPippi |
 | FlowerPower |
| FlyingDutchman |
| Fobber |
| Foozer |
| FORKBEARD |
| Formbook |
| FormerFirstRAT, FF-RAT, ffrat |
| Fox Panel |
| FRAUDROP |
| Freenki Loader |
| FrozenCell |
| FRP, Fast Reverse Proxy |
| FruityC2 |
| FullThrottle |
 | FunnyDream |
| GamaPOS |
| Gamaredon |
| GameOver Zeus, Peer-to-Peer Zeus, P2P Zeus, GOZ |
| GandCrab, GrandCrab |
| Gazer, WhiteBear |
| Gcat |
| GCMAN |
| GDOCUPLOAD |
| GearShift |
| GELCAPSULE |
| Gelup |
| Gemcutter |
| GeminiDuke |
| Get2, FRIENDSPEAK, GetandGo |
| Get-LAPSP.ps1 |
| get-logon-history.ps1 |
| GetMail |
| GetMyPass |
| Gh0stnet, Ghostnet, Remosh |
| Gh0st RAT, Ghost RAT, AngryRebel, Farfli, PCRat, Moudour, Mydoor |
| Ghambar |
| Ghole, Gholee, Core Impact (modified) |
| GlanceLove, WinkChat |
| GLASSES |
| GlitchPOS |
| GlobeImposter, Fake Globe |
| GLOOXMAIL, Trojan.GTALK |
| glue30.dll |
| GnatSpy |
| Godlua |
| Godzilla, Godzilla Loader |
| GOGGLES, TROJAN.FOXY |
| Gold Dragon |
| GoldenEagle |
| GoldenRAT |
| GollumApp |
| Gon |
| Goodor, Fuerboos |
| GoogleDrive RAT |
| Goopy |
| Gootkit, Xswkit, talalpek |
| Gophe |
| Gorynych, Diamond Fox |
| Gozi, CRM, Gozi CRM, Papras, Ursnif, Snifula |
| Gozi ISFB, ISFB, Pandemyia |
| Gozi v2, Gozi Prinimalka, Prinimalka-Gozi |
| GozNym |
| gpresult, Group Policy Results Tool |
| GpUpdates.exe |
| Grandoreiro |
| Grateful POS, TRINITY |
| GRAYFISH |
| Gray Lambert |
| Grease |
| GREENCAT |
| GreenDispenser |
| Green Lambert |
| GreezeBackdoor |
| GreyEnergy |
| Griffon |
| GRILLMARK |
| GROK |
| gsecdump |
| GuLoader |
| GUP Proxy Tool |
| H1N1 Loader, H1N1 |
| Hackfase |
| HALFBAKED, VB Flash |
| HammerDuke, HAMMERTOSS, NetDuke |
| Hannotog |
| HAPPYWORK |
| HARDRAIN |
| Harpoon, Garpun |
| Harpy |
| Havex RAT, Oldrea, Fertger, PEACEPIPE |
| Havij |
| Hawup, Hawup RAT |
| hcdLoader |
| HDoor |
| HDRoot, HDD Rootkit |
| Helauto |
| Hello EK, LightsOut 2.0 |
| Helminth |
| HenBox |
| Heriplor |
| Hermes |
| HesperBot |
| HiddenLotus |
| HIDEDRV |
| HighNoon |
| HighNote, ChyNode |
| HiKit |
| Hisoka |
| HKDOOR |
| HomamDownloader |
| HOMEFRY |
| HOPLIGHT, HANGMAN |
| HOTCROISSANT |
| HotelAlfa |
| Hotwax |
| HtDnDownLoader |
| HTML5 Encoding |
| HTran, HUC Packet Transmit Tool |
| HTTPBrowser, HttpBrowser RAT, TokenControl |
| httpclient |
| Http Dr0pper |
| HTTP Troy |
| HTTPTunnel |
| HummingBad |
| HummingWhale |
| Hunter |
| Hupigon, Hupigon RAT, BKDR_HUPIGON, MFC Huner |
| Hurix |
| Hussar |
| H-Worm, H-Worm RAT, Houdini RAT, Iniduoh, Jenxcus, Kognito, WSHRAT |
| HyperBro |
 | HyperStack |
| IAP |
| IceCube |
| IcedCoffee |
| Icefog, Fucobha |
| Ice IX |
| IconDown |
| IE PassView |
| IGT supertool, Information Gathering Tool |
| IHEATE |
| Imecab |
| Imminent Monitor RAT, Imminent Monitor |
| Impacket |
| Inception |
| Industroyer, Crash, CrashOverride |
| Infostealer, stereoversioncontrol |
| Infy, Foudre |
| INSOMNIA |
| Inveigh |
| InvisiMole |
| Invoke-SMBAutoBrute |
| Invoke the Hash |
| IRONHALO |
| IronPython |
| IRONSQUIRREL |
| ISMAgent |
| ISMDoor |
| ISMInjector, Agent Injector |
| IsSpace, NfLog RAT |
| Ivoke |
| IXESHE |
| JackOfHearts |
| JackPOS |
| JadeRAT |
| Jaff |
| Janicab |
| Jason |
| Jasus |
| Javafog |
| JESTBOT |
| JhoneRAT |
| JHUHUGIT, Seduploader, JKEYSKW, Sednit, Downrage, GAMEFISH, carberplike, SofacyCarberp, Carberp |
| Joanap, SierraJuliett-MikeOne, SierraJuliett-MikeTwo |
| Jokra, KillMBR, Dembr |
| JPIN |
 | JRat, Jacksbot |
| JripBot, Jiripbot |
| JS Flash |
| JsonCookies |
| jsp File browser |
| JSPSPY |
 | JSSLoader |
| JuicyPotato |
| Jumpall |
| KAgent |
| KARAE |
| Karagany, Karagny |
| Karba, Trojan.Win32.Karba.e |
| Karius |
| Karkoff, MailDropper, DropperBackdoor |
| KasperAgent |
 | Kazuar |
| KeeThief |
| Kegotip |
| Kelihos, Waledac, Hlux |
| Kerberoast |
| Kerberods |
| KerrDown |
| Ketrican |
| Ketrum |
| KevDroid |
| KeyBoy, TSSL |
| KEYMARBLE |
 | Keyrecord |
 | KGH_SPY, KGH Spyware Suite |
| KHRAT |
| Kikothac |
| KillDisk |
| Killua |
| KimJongRAT |
| Kimsuky |
| KingOfHearts |
| KINS, Zeus.Maple, Kasper Internet Non-Security |
| Kitkiot |
| KIVARS |
| kl.ps1 |
| KLRD |
| Koadic |
| Komplex |
| KOMPROGO, Splinter RAT |
| Konni |
| KopiLuwak |
| Koredos |
| Korkerds |
| KPortScan |
| KRBanker, Blackmoon |
| Kronos, Osiris |
| KSL0T |
| Kurton |
| Kwampirs |
| Lambert, Plexor |
| Lastacloud |
| LATELUNCH |
| LaZagne |
| Lazarus, HIDDEN COBRA RAT/Worm |
| LazyCat |
| Leash |
| Leo RAT |
| LEOUNCIA, shoco |
| Licat, Murofet |
| liderc |
| LIFEBOAT |
| LIGHTBOLT |
 | LightBot |
| LIGHTDART |
| LightNeuron, NETTRANS, XTRANS |
| LightsOut EK |
| lightSpy |
| Lilith RAT, Lilith |
| LimeRAT |
| Linfo |
| Listrix |
| LiteDuke |
| lite_more_eggs |
| Little Pig |
| Living off the Land, LOLBins, LOLBAS |
| LockerGoga |
| LockPOS |
| Locky |
| Logger Module |
| logon.dll |
| LogPOS |
| logsupport.dll |
| LoJax |
 | LokiBot, Loki, LokiPWS, ForeIT |
| LONGRUN |
| LONGWATCH |
| LOWBALL |
| Lowkey, PortReuse |
| LSD |
| Lslsass |
| Lucky Cat |
| Luminosity RAT, LuminosityLink |
| LUNCHMONEY |
| Lurk |
| LZ77 |
| Machete, El Machete |
| Madi |
| Madness PRO DDoS |
| Magecart |
| Magenta Lambert |
| MailPassView |
| Maintools.js |
| MajikPOS |
| MalumPOS |
| ManItsMe |
| MAPIget |
| Marcher |
| MATA |
| Matiex |
| Matrix Banker, RediModiUpd |
| Matryoshka RAT |
 | Maze, ChaCha |
| MBR Eraser |
| MBS BTC Stealer |
 | Md_client |
| MechaFlounder |
| Mechanical |
| meek |
| Mekotio |
| MessageTap |
| METALJACK |
| Metasploit |
| Metasploit Stager |
| Metel |
| Meterpreter |
| MFC Keyloggers |
| MiamiBeach |
| Microolap Packet Sniffer, TCPDUMP for Windows |
| Micropsia |
| Microcin, Mikroceen |
| MILKDROP |
| Milkmaid |
| Milum |
| Mimikatz |
| MINEBRIDGE |
| MINEDOOR |
| MiniASP |
| MiniDuke |
| Minzen, XXMM, Wali, ShadowWali, ShadowWalker |
| MirageFox |
| Misdat |
| MiS-Type |
| Mivast |
| MIXLABEL |
| MKL Pro Keylogger |
| MobileOrder |
 | ModPipe |
| ModPOS |
 | MoleNet |
| Molerat Loader |
| MoneyTaker |
| Mongall |
| MOONSHINE |
| MoonWind RAT, MoonWind |
| More_eggs, SpicyOmelette, Terra Loader, SKID |
| Mosquito |
| Moudoor, SCAR |
| MOVEit Freely |
| MPKBot, MPK |
| MS Exchange Tool |
| msieckc.exe |
| MSFvenom |
| MSUpdater |
| msvcrt58.sqt |
| Mudwater |
| Multigrain, Multigrain POS |
| MURKYTOP |
| MY24 |
| MyDogs |
| Mydoom, Novarg, Mimail |
| MysteryBot |
| MZCookiesView |
| N1stAgent |
| NachoCheese |
| Naid, Trojan.Naid, Mdmbot.E, AGENT.GUNZ, AGENT.AQUP.DROPPER, AGENT.BMZA, MCRAT.A, AGENT.ABQMR |
| Naikon, XsFunction |
| NAILGUN |
| NanHaiShu |
| NanoCore RAT, NanoCore, Nancrat, Zurten, Atros2.CKPN |
| Nautilus |
| NavRAT |
| Nbot, TFC |
| nbtscan |
| nbtstat |
| NcFTPPut |
| NDiskMonitor |
| Necurs, nucurs |
| Nemim, Nemain |
| NeoPocket |
| Neptun |
| Nerex |
| NestEgg |
| netcat |
| Net Crawler, NetC |
| NetEagle, ScoutEagle, scout, norton |
| Netero |
| NetExec |
| NetFlash |
| NetHelp Infostealer, NetHelp Striker |
| NetPwdDump |
| NetTraveler, TravNet, Netfile |
| NetUseEngine |
| NetWire RC, NetWire RAT, NetWired RC, NetWire, Recam |
| NETWoolger |
| Network Password Recovery |
| Neuron |
| Neutrino, Neutrino Bot, Neutrino Exploit Kit, Kasidet |
| Neutrino POS, Jimmy |
| NewCore RAT |
| NewCT, CT |
| NewCT2 |
| NewPass |
| NewPosThings |
| NewsReels |
| NFlog |
| Ngrok |
| Nibatad |
| Nidiran |
| Nimcy |
| NineBlog |
| Nishang |
| Niteris EK, CottonCastle |
| NitlovePOS |
 | njRAT, Bladabindi, Jorik |
| nmap |
| Nokki |
| Non-sucking Service Manager, NSSM |
| NotPetya, EternalPetya, ExPetr, Pnyetya, Petna, Nyetya, NonPetya, nPetya, Petrwrap, Diskcoder.C, GoldenEye |
| NSIS, Nullsoft Scriptable Install System |
| NTDSDump |
| NukeSped |
| Nymaim, nymain |
| ObliqueRAT |
| OceanLotus, OSX_OCEANLOTUS.D |
| Oceansalt |
| Octopus |
| OddJob |
| Odinaff |
| OilRig |
| Okrum |
| OLDBAIT, Sasfis |
| Olympic Destroyer, SOURGRAPE |
| OnionDuke |
| OopsIE |
| OpBlockBuster |
| OpenDoc |
| OperaPassView |
| OpGhoul |
| Orangeade |
| Orcus RAT, Orcus, Schnorchel |
| Orz |
| OS_Check_445 |
| OSInfo |
| Outlook Backdoor, FACADE |
| OwaAuth, luckyowa |
| PACMAN |
| Paladin RAT, Paladin |
| Pallas |
| P.A.S., Fobushell |
| Pasam |
| PassKillDisk |
| Pass-The-Hash Toolkit |
| PasswordFox |
| Patao |
| pcaudit.bat |
| PCClient |
 | PCShare |
| PEBBLEDASH |
 | Pegasus, Q Suite, Chrysaor, JigglyPuff |
| Penquin Turla |
| Peppy RAT, Peppy Trojan |
| pgift, ReRol |
| PhanDoor |
| PhantomLance, Android.Backdoor.736.origin |
 | PhantomNet, SManager |
| Philadelphia |
| Phishery, Trojan.Phisherly |
| PHOREAL, Rizzo |
| PHPMailer |
| PhpSpy |
| PICKPOCKET |
| Pierogi |
| PiggyBack |
| PinchDuke |
| PinkKite |
| Pink Lambert |
| Pioneer, Virus.Win32.Pioneer.dx, igfxext.exe |
| PipeMon |
| Pirpi, SHOTPUT, CookieCutter, Badey, EXL |
| Pisloader |
| Pitty, PittyTiger RAT |
| PLAINTEE |
| PLEAD, TSCookie |
| Plink, PuTTY Link |
| Ploutus, Plotus |
| PluginPhantom |
| PlugX, Destroy RAT, Korplug, Sogu, Kaba, Xamtrav, Agent.dhwf |
| pngdowner |
| PocoDown, Blitz |
| PoisonCarp |
| Poison Ivy, pivy, poisonivy, Gen:Trojan.Heur.PT, Darkmoon, Chymine, Breut |
| Poldat, Zlib, KABOB |
| PolyglotDuke |
| Pony, Pony Loader, Siplog, Fareit |
| PoohMilk Loader, PoohMilk |
| POORAIM, Backdoor.APT.POORAIM |
| POPFLASH |
| Port.exe |
| PortScan |
| PosCardStealer |
| PoshAdvisor |
| PoshC2 |
| POSHSPY |
| PoSlurp, PUNCHTRACK, PSVC |
| POTROAST |
| POWBAT |
| PowerBand |
| PowerBrace |
| PowerDuke |
| PowerDump |
| Powerkatz |
| Powermud |
 | PowerPepper |
| POWERPIPE |
| PowerRatankba, QUICKRIDE.POWER |
| PowerShell RAT |
| PowerShellRunner-based RPC backdoor |
| PowerShower |
| Powersing |
| POWERSOURCE |
| PowerSploit |
| PowerSpritz |
| PowerStallion |
| POWERSTATS, Powermud, Valyria |
| PowerTask |
| POWERTON |
| PowerTrick |
| PowerView |
| PowGoop |
| POWRUNER |
| POWSSHNET |
| PRB-Backdoor |
| Prikormka |
| Prilex |
| ProcDump |
| ProduKey |
| Pro POS |
| Protected Storage PassView |
| Protux |
| ProxyBot |
| Proxysvc |
| PsExec |
| psinstrc.ps1 |
| PsiXBot |
| PsList |
| PSLogger |
| Psylo |
| Pteranodon, Pterodo |
| PunchBuggy, ShellTea, Powersniff |
| Punkey, PunkeyPOS |
| PupyRAT, Pupy |
| PuTTY |
| PVZ-In |
| PVZ-Out |
| pwdump |
| PwnPOS |
| Pyark |
| PyFlash |
| Pylot, Travle |
 | PyMICROPSIA |
| PythocyDbg |
| PyVil RAT |
| Qadars |
| QakBot, Qbot, PinkSlip |
| QCRat |
| QUADAGENT |
| Quant Loader |
| QuarkBandit |
| Quarks PwDump |
| QuasarRAT, Quasar RAT, CinaRAT, Yggdrasil, xRAT |
| QueenOfClubs, SlothfulMedia |
| QueenOfHearts |
| Quickcafe |
| RaidBase |
 | RAINDROP |
| Rambo, brebsd |
| Ramnit, Nimnul |
| Ramsay |
 | Rana |
| Ranbyus |
| RapidStealer |
| rarstar |
| RARSTONE |
| Ratankba, Ratabanka, QUICKRIDE |
| RatankbaPOS, RatabankaPOS |
| RatSnif |
| RawDisk |
| RawPOS, FIENDCRY, DUEBREW, DRIFTWOOD |
| RCS Galileo |
| RC SHELL |
| Rdasrv |
| RDAT |
| RDFSNIFFER |
| RDP, Remote Desktop Protocol |
| Recon |
| ReconModule |
| Red Alert, Red Alert 2.0 |
| RedAlpha |
| RedLeaves, BUGJUICE |
| RedPepper, Adupib |
| RedSalt, Dipsind |
| RedShawl |
| RegDuke |
| reGeorg |
| Regin, Prax, WarriorPride |
| Remcom |
| RemcosRAT, Remcos |
| Remexi, CACHEMONEY |
| remote-access-c3 |
| RemoteCMD |
| Remote CMD/PowerShell terminal |
| Remote Control System, RCS, Crisis |
| Remote Desktop PassView |
| Remsec |
| RemShell |
| RemShell Downloader |
| Remy, Remy RAT |
| Resetter |
| Responder |
| Retefe, Dok, Tsukuba, Werdlod |
| Retefe (Android) |
| Retro |
| RevengeRAT, Revenge, Revetrat |
| ReZer0 |
| RGDoor |
| RICECURRY, Exploit.APT.RICECURRY |
| Rifdoor |
| Rikamanu |
| Rising Sun |
| RMS, Remote Manipulator System |
| Roaming Mantis, MoqHao, XLoader |
| RoboSki |
| ROCK, yellowalbatross |
| ROCKBOOT |
| RocketMan |
| RockLoader |
| RogueRobin, RogueRobinNET |
| RokRAT |
| Roland, Roland RAT |
| Romeos, RomeoCore, Romeo-CoreOne, R-C1 |
| RomeoAlfa, AlphaNC |
| RomeoBravo, BravoNC |
| RomeoCharlie |
| RomeoDelta, DeltaNC |
| RomeoEcho |
| RomeoFoxtrot |
| RomeoGolf |
| RomeoHotel |
| RomeoMike |
| RomeoNovember |
| RomeoWhiskey, Winsec |
| RoyalCli |
| RoyalDNS |
| RTM, RTM Banker, Redaman |
| RtPOS |
| Rubeus |
| RUHAPPY |
| Ruler |
| RunningRAT, Running RAT |
 | Ryuk |
| Safe |
| SAGEHIRE |
| Sagerunex |
| Sakabota |
| Sakula RAT, Sakurel |
| Salgorea, BadCake |
| Sality, Sector, Kuku, SalLoad, Kookoo, SaliCode, Kukacka |
| SALTLICK |
| SamSam, Samas |
| SandroRAT |
| Sasfis, Oficla |
| Satellite Turla |
| scanbox |
| ScanPOS |
| ScarCruft |
| Scieron |
| Scotch |
| Scote |
| SCRAPMINT |
 | ScreenCap |
| Screenshotter |
| sctrls |
 | SDBbot |
| SDelete |
| SeaDuke, SeaDaddy, SeaDask |
| Seasalt |
| SEAWEED |
| SecHack |
| SecreetsDump |
| Secure FTP Client |
| Secure Socket Funneling, SSF |
| Sedkit |
| SeDLL |
| Sedreco, AZZY, EVILTOSS, ADVSTORESHELL, NETUI |
| Separ |
| Sepulcher |
| Serveo |
| ServHelper |
| SessionGopher |
| ShadowHammer, DAYJOB |
| ShadowNet |
 | ShadowPad Winnti, POISONPLUG.SHADOW, XShellGhost |
| ShadyRAT |
| SHAPESHIFT |
| shareip, remotecmd |
| SharpHound |
| SHARPKNOT, Bitrep |
| SharpSploit |
 | SharpStage |
| SHARPSTATS |
| SheepRAT |
| Shifu |
| ShimRAT |
| Shipshape |
| Shootback |
| SHORTBENCH |
| SHUTTERSPEED |
| Shylock, Caphaw |
| SierraAlfa |
| SierraCharlie |
| Silence, TrueBot |
| SilentCMD |
| Silent Night |
| SilkBean |
| SilverHawk |
| Silver Lambert |
| Sima |
| Sinowal, Anserin, Mebroot, Quarian, Theola, Torpig |
| sip_telephone |
| Sisfader, Sisfader RAT |
| Sisron |
| SkeletonKeyInjector |
| SkiBoot |
| Skimer |
| Skip-2.0 |
| Skipper |
| sLoad, StarsLord |
| SLICKSHOES |
| Slingshot |
| SLOWDRIFT |
| SLOWROLL |
| SLRat |
 | SLUB |
| SMBExec |
| Smbmap |
| smbscan |
| SMBTouch |
| SMBTrap |
| Smoke Loader, SmokeLoader, Smoke, Dofoil, Sharik |
| Snatch |
| Sneepy, ByeByeShell |
| SniffPass |
 | SnifLite |
| SNUGRIDE |
 | Snugy, Netero |
| SocksBot, BIRDDOG, Nadrac |
| Sodinokibi, Sodin, REvil |
| SodomMain, SodomMain RAT |
| SodomNormal |
| SoftEther VPN |
| SoftPerfect Network Scanner |
| Sojax |
 | SombRAT |
| SoreFang |
| Sorgu |
| Soraya |
| SOUNDBITE |
| SOUNDWAVE |
| Spaceship |
| Spark |
| Speculoos |
| Spedear |
| Spindest, Backdoor.Apocalipto |
| SPOONBEARD |
| spwebmember |
| SpyEye |
| SpyNote RAT |
| SpyWaller |
| sqllauncher.dll |
| sqlmap |
| SQLRAT |
| SScan |
| SSHMinion |
| SslMM |
| SSLove RAT |
| StarLoader |
| StarsyPound |
| Stealer |
| StealthFalcon |
| Stealth Mango |
| StickyFingers, QUICKBALL |
| StoneDrill, DROPSHOT |
| StreamEx |
| StrongPity |
| StrongPity2 |
| StrongPity3 |
| STSRCheck |
| Stuxnet |
| S-Type |
| Subbrute |
| Sublist3r |
| SubtractThis |
| SUCEFUL |
 | SUNBURST, Solorigate |
 | SUNSPOT |
 | SUPERNOVA |
| SVCMONDR |
| SWEETCANDLE |
| swissknife2 |
| Sword |
| Sykipot, Getkys, Wkysol |
| SymonLoader |
| SynFlooder |
| Sys10 |
| Syscon, Sanny |
| SysGet, HelloBridge |
| SysInternals |
| SysKit, IvizTech, MANGOPUNCH |
| Sysmain |
| SysUpdate |
| TabMsgSQL, LETSGO |
| Tafacalou |
| Taidoor, simbot |
| TAINTEDSCRIBE |
| Tapaoux |
| Tarsip |
| Taurus Loader, Taurus Builder, Taurus Builder Kit |
 | TcpBridge |
| TCP Port Scanner |
 | Tcp_transfer |
| tDiscoverer |
| Tdrop |
| Tdrop2 |
| TDTESS |
| TeamSpy, TVSpy, TVRAT, SpY-Agent |
| TeamViewer |
 | TEARDROP |
| TeleBot |
| TeleDoor |
| Tempting Cedar Spyware |
| TERA |
| Termite |
| Terracotta VPN |
| TerraCrypt, PureLocker |
| TerraPreter |
| TerraRecon, Taurus Loader Reconnaissance Module |
| TerraStealer, Taurus Loader Stealer Module, StealerOne, SONE |
| TerraTV, Taurus Loader TeamViewer Module |
| TerraWiper |
| THC Hydra |
| ThreatKit |
| THREEBYTE |
| ThreeDollars |
| TidePool |
| TIDYELF |
| Tinba, Tiny Banker, Tina, Illi, Zusy |
| TinyCryptor |
| TinyLoader |
| TinyMet, TiniMet |
| TinyNode |
| TinyNuke, NukeBot, Nuclear Bot, MicroBankingTrojan, Xbot |
| TinyPOS |
| TinyPosh |
| TINYTYPHON |
| TinyZBot |
| Titan |
| Titanium |
| Tofu Backdoor |
| TOM-Skype |
| TONEDEAF |
| TONEDEAF 2.0 |
| Topinambour |
| Torn RAT |
| TreasureHunter, TREASUREHUNT, huntpos |
 | TrickBot, Trickster, The Trick, Totbrick, TrickLoader, TSPY_TRICKLOAD |
| TrickMo |
| TRIPLEFANTASY |
| Triton, Trisis, HatMan |
 | TriFive |
| Trochilus RAT |
| Troy |
| Truvasys |
| TTCalc |
| Tunnus |
| TURNEDUP |
| TwoFace, Minion, HighShell, HyperShell, SEASHARPEE |
| TypeConfig, SafeDisk |
| TYPEFRAME |
| Tyupkin, Padpin |
| UDPoS |
| UltraVNC |
| UNITEDRAKE |
| Unknown Logger |
| Upatre |
| updater.mod |
| UPDATESEE |
| UpDocX |
| UPXShell |
| URLZone, Bebloh, Shiotob |
| Uroburos, Urouros, Turla, Snake |
| USBCulprit |
| UsbDoc |
| UsbExe |
| USBferry |
| USBStealer |
| USBWorm |
 | Valak |
| VALUEVAULT |
| VAMP, android.micropsia |
| Vasport |
| Vawtrak, Catch, grabnew, NeverQuest, Snifula |
| VBShower |
| Vcrodat |
| Veil |
| VenomKit |
| VenomLNK |
| VHD |
| ViceLeaker, Triout |
| VIDAR |
| Violet Lambert |
| ViperRAT |
| VIVACIOUSGIFT |
| Vizom |
| Vminst |
| VNC, Virtual Network Computing |
| Voice Massege.apk |
| Volgmer, Manuscrypt |
| VPNFilter |
| vSkimmer |
| w32times |
| Wadhrama |
| WannaCry, WannaCryptor, Wcry, Wana Decrypt0r |
| WARP |
| WastedLocker |
| WaterSpout |
| WbBot |
| WebBrowserPassView |
| WebC2, WebC2-AdSpace, WebC2-Ausov, WebC2-Bolid, WebC2-Cson, WebC2-DIV, WebC2-GreenCat, WebC2-Head, WebC2-Kt3, WebC2-Qbp, WebC2-Rave, WebC2-Table, WebC2-UGX, WebC2-Yahoo |
| Webmask |
| WellMail |
| WellMess |
| Whisky |
| WhiteAtlas |
| White Lambert |
| Wiarp |
| WIDETONE |
| Wii |
| Windows Credentials Editor, WCE |
| WINDSHIELD, Cuegoe |
| WindTail |
| WINERACK |
| Winexe |
| Wingbird |
| WinIDS |
| WinMM |
| Winnti, BleDoor, RbDoor, RibDoor |
| WinPot |
| WinRAR |
| WinSCP |
| Winsloader |
| WINTERLOVE |
| WITCHCOVEN |
| WMI Ghost, Wimmie, Syndicasec |
| WndTest |
| WolfRAT, W1_RAT |
| Wormhole |
| Wpscan |
| WSCSPL |
| WSO, Webshell by Orb |
| X-Agent, Popr-d30, SPLM, CHOPSTICK, fysbis, Backdoor.SofacyX, webhp |
| Xbash |
| XBOT-POS |
| XBOW |
| XDDown |
| xDll |
| XDOOR, X-Door |
| XDList |
| XDLoc |
| XDMonitor |
| XDPass |
| XDRecon |
| XDUpload |
| xfs-disp.exe |
 | XMRig |
| XServer |
| XSLCmd |
| xsPlus, xsControl, nokian |
| XtremeRAT, ExtRat |
| X-Tunnel, Shunnael, XAPS |
| Yahoyah, W32/Seeav |
| Yispecter |
| Yort |
| yty |
 | Zebrocy, Zekapab |
| ZeGhost, BackDoor-FBZT!52D84425CDF2, Trojan.Win32.Staser.ytq, Win32/Zegost.BW |
| ZeroCleare |
| ZeroT |
| Zeus, ZeuS, Zbot, Trojan.Zbot, Wsnpoem, Gorhax, Kneber |
| Zeus OpenSSL, Zeus Sphinx, XSphinx |
| Zeus Panda, PandaBanker |
| ZeusPOS |
| ZeusVM, VMzeus, Zberp |
| zhCat |
| zhMimikatz |
| ZitMo, ZeuS-in-the-Mobile |
| zl4vq.sqt |
| ZLoader, Terdot, DELoader |
| ZooPark |
| ZoxPNG, gresim |
| ZoxRPC |
| XPCTRA, Expectra |
| ZPP |
| Z*Stealer |
| ZUMKONG |
| Zupdax |
| zwShell |
| ZXPortMap |
| ZXShell, Sensocode |