Artifacts

Artifacts are malware samples used to emulate various types of cyber threats. They are essential components in the platform's testing and validation processes, allowing organizations to emulate real-world attack scenarios in a controlled environment.

Each artifact represents a specific type of threat and is designed to mimic the behavior of actual cyberattacks.

Artifact Categories in EVE

The EVE platform categorizes samples into three distinct categories: Known, Obfuscated, and Forced. Samples can belong to a single category or be a combination of these categories, such as Known-Obfuscated, Known, Obfuscated, or Forced.

  1. Known: These are samples that are well-identified and recognized by the security community. The naming of these artifacts follows a specific structure that helps in easily identifying them based on common names used in the industry.

  2. Obfuscated: These samples have undergone a process of obfuscation to alter their appearance and behavior, making them harder to detect by security tools. Obfuscated samples mimic more advanced threats that employ evasion techniques.

  3. Forced: Forced samples are those that have been encrypted or modified in such a way that they are designed to bypass security controls, indicating a higher level of manipulation to evade detection.

  4. Zero: Samples that are custom-created "on demand" by Reveald.

Naming Conventions for Artifacts

Artifacts in EVE are named according to a structured nomenclature that provides clarity and consistency. The naming convention varies depending on whether the artifact is a known, generic, or modified sample.

Known Artifacts (Named)

For named known artifacts, the structure is as follows:

[Sample Name].[Malware Type].exe
  • Sample Name: The most common name of the sample, usually found through research on platforms like VirusTotal.

  • Malware Type: The abbreviation of the malware type from the provided list (e.g., Ransom for ransomware).

  • Extension: Always .exe.

Example: WannaCry.Ransom.exe

Generic Artifacts

For generic known artifacts, the structure is:

[First 5 characters of SHA256].[Malware Type].exe
  • First 5 characters of SHA256: A unique identifier derived from the sample's hash.

  • Malware Type: The abbreviation of the malware type from the provided list.

  • Extension: Always .exe.

Example: e54d1.Adware.exe

Modified Artifacts

Modified artifacts follow similar naming conventions to known artifacts but include an additional identifier for obfuscation or other modifications:

[Sample Name or First 5 characters of SHA256].[Malware Type].Obf.exe
  • Obf: Indicates that the sample has been obfuscated.

  • Extension: Always .exe.

Example: WannaCry.Ransom.Obf.exe or e54d1.Adware.Obf.exe

Special Cases

  1. Variants: If a sample has variants, these are specified with a "V" followed by the variant number:

    • Example: PetyaRedV2.Ransom.Obf.exe

  2. Re-Obfuscated Samples: If a sample has been obfuscated multiple times, the subsequent obfuscation is indicated by a consecutive number:

    • Example: PetyaRedV2.Ransom.Obf.2.exe

  3. Encrypted Samples (Forced): For samples that have been encrypted, the name includes the identifier "F" for forced:

    • Example: PetyaRedV2.Ransom.F.exe
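
The naming rules above can be checked mechanically, for example when labelling detections from a test run. The following parser is an added example, not code from the EVE platform; the function names, the five-lowercase-hex heuristic for hash prefixes, and the choice to accept any alphabetic malware type are assumptions.

```python
import hashlib
import re
from typing import NamedTuple, Optional

# Grammar assembled from the conventions described above. The list of malware-type
# abbreviations is not reproduced on the page, so any alphabetic token is accepted
# as the type (assumption).
_ARTIFACT_RE = re.compile(
    r"(?P<ident>[A-Za-z0-9_-]+)\.(?P<mtype>[A-Za-z]+)"
    r"(?:\.(?:(?P<obf>Obf)(?:\.(?P<round>[1-9][0-9]*))?|(?P<forced>F)))?\.exe"
)

class Artifact(NamedTuple):
    ident: str               # sample name or SHA-256 prefix
    hash_prefix: bool        # True when ident looks like 5 hex characters
    variant: Optional[int]   # N from a trailing "V<N>" on a sample name
    malware_type: str
    obf_rounds: int          # 0 = not obfuscated, 1 = ".Obf", 2 = ".Obf.2", ...
    forced: bool             # ".F" marker (encrypted sample)

def parse_artifact_name(filename: str) -> Optional[Artifact]:
    """Return the parsed fields, or None if the name does not fit the convention."""
    m = _ARTIFACT_RE.fullmatch(filename)
    if m is None or m["mtype"] in ("Obf", "F"):  # modifier with no type before it
        return None
    ident = m["ident"]
    # Heuristic (assumption): exactly five lowercase hex characters is a hash prefix.
    is_hash = re.fullmatch(r"[0-9a-f]{5}", ident) is not None
    v = None if is_hash else re.search(r"V([0-9]+)$", ident)
    rounds = int(m["round"] or 1) if m["obf"] else 0
    return Artifact(ident, is_hash, int(v[1]) if v else None,
                    m["mtype"], rounds, m["forced"] is not None)

def prefix_matches_content(filename: str, content: bytes) -> bool:
    """For an unmodified generic artifact, compare the name with the file's SHA-256."""
    # The page does not say which file a modified artifact's prefix refers to,
    # so names carrying Obf or F are not checked here (assumption).
    art = parse_artifact_name(filename)
    if art is None or not art.hash_prefix or art.obf_rounds or art.forced:
        return False
    return hashlib.sha256(content).hexdigest()[:5] == art.ident
```
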

Malware Families Available

Upon customer request, these malware families are available for upload.

Families

7ev3n

9002Rat

ABCBot

AESRTRansomware

AMOS

ATMitch

AXLocker

AbaddonPOS

AceDeceiver

AcidRain

AcrStealer

ActionSpy

Adhubllka

AdvisorBot

AgendaRansomware

AgentTesla

AgnianeStealer

AilurophileStealer

AkiraRansomware

AlmondRAT

Amadey

Amavaldo

Android.Anatsa

Android.Anubis

Android.AwSpy

Android.BadMirror

Android.BlankBot

Android.Brata

Android.Bzy

Android.Chameleon

Android.CleaningService

Android.Coper

Android.Copybara

Android.Cynos

Android.FluBot

Android.Greywolf

Android.HookBot

Android.Hummingbad

Android.ItauSinc

Android.Joker

Android.MazarBot

Android.Medusa

Android.MobileOrder

Android.Mobtes

Android.Octo

Android.Psiphone

Android.RATMilad

Android.Rootnik

Android.Rummus

Android.Sharkbot

Android.SoumniBot

Android.SpyNote

Android.Teabot

Android.Vultur

Android.WyrmSpy

Android.Xavier

Android.Xbot

Andromeda

AnglerEK

AppleSeed

Arechclient2

AresLoader

Aria-Body

AridGopher

ArkeiStealer

Asbit

AsyncRAT

AteraAgent

Atharvan

AtlantidaStealer

AtlasAgent

AtomSilo

AuKill

AugustStealer

AuroraStealer

AveMaria

Aveo

AvosLockerRansomware

Azorult

AzovRansomware

B1txor20

BHUNTStealer

Babadeda

Babuk

BackMyDataRansomware

BadSpace

BandarChorRansomware

BanditStealer

Bandook

Bankshot

Banload

BansheeStealer

BartRansomware

Bartalex

BasBanke

Bashlite

BatchWiper

Batloader

BazarLoader

Bazarbackdoor

Bedep

BiBiWiper

BianLianRansomware

BitRAT

Bizarro

BlackBastaRansomware

BlackByte

BlackCatRansomware

BlackGuard

BlackLotus Bootkit

BlackMagicRansomware

BlackMatter

BlackRock

BlackSnakeRansomware

BlackTech

BlackholeEK

Blackmoon

Blacksoul

BlackwoodLoader

BlankGrabber

BlisterLoader

BlueFox

BlueSkyRansomware

BoldMove

BoratRAT

BotenaGo

BottomLoader

BouldSpy

BrasDex

Brbbot

BruteRatel

BuerLoader

BumbleBeeLoader

BunnyLoader

CABless-40444

CSInstaller

CTB-Locker

CVE-2008-2551

CVE-2015-0359

CVE-2017-10271

CVE-2017-11882

CVE-2018-0802

CVE-2018-4878

CVE-2020-1599

CVE-2022-22954

CacheFlow

CactusRansomware

CaddyWiper

CapraRAT

CatB

CenterPOS

CerberRansomware

CertBreaker

CertiShell

ChChes

Chaes

Chameleon

ChaosRansomware

Chapak

ChargeWeapon

CherryLoader

ChromeExploitKits

Chromeloader

Cl0pRansomware

ClearFake

ClipBanker

ClownicRansomware

CobaltStrike

CodeRAT

Coinstomp

Coinvault

ColdStealer

ColibriLoader

CollectorGoomba

CollectorStealer

Conficker

Conti

Coper

CoreShell

Coroxy

Cova

CrateDepression

CrimsonRAT

Cronrat

CrushArcade

CryptBot

CryptNetRansomware

CryptNetRasnomware

CryptoFortress

CryptoMixRansomware

Cryptolocker

Cryptowall

CrysisRansomware

CrytoxRansomware

Cryxos

CubaRansomware

CuratorRansomware

CustomerLoader

CyberGateRAT

CyclopsBlink

DBatLoader

DCRat

DDosia

DLRAT

DMALocker

DTrack

DanaBot

DangerAds

DarkBitRansomware

DarkCloud

DarkComet

DarkGateLoader

DarkMeLoader

DarkMeRAT

DarkWatchmanRAT

Darkbit

Darkside

Darktrack Rat

Daserf

Dasref

DaveLoader

Daxin

DeadBoltRansomware

DearCryRansomware

DecafRansomware

Denonia

Derusbi

DevOpt

Dexbia

DiavolRansomware

DinodasRAT

DiscordRAT

DiscordTokenStealers

DisgoMoji

DistTrack

Djvu

DnSpyTrojan

DnWipe

DoNexRansomware

DonutLoader

DoubleFinger

DoubleZeroWiper

DowneksLoader

Dracarys

DreamBusBot

DreamLand

Dridex-Maldocs

Dridex

Drokbk

Dyre

Eamfo

EasyStealer

EchelonStealer

ElectronBot

Elirks

Emdivi

Emissary

Emotet

Enemybot

Enigma

Ermac

Escelar

Escobar

EternalRocks

EternityProject

EvilAntRansomware

EvilExtractor

EvilGrab

EvilNominatusRansomware

EvilPlayout

EvilQuest

ExByte

Exaramel

Exmatter

Expiro

EyService

EyePyramid

FBIOperationDuckHunt

FabookieStealer

FakeBat

FakeDivX

Fanny

Fareit

FastFire

FastViewer

Fastcash

FighterPOS

Filmkan

FinSpy

Flashback

FlawedGrace

Fleckpe

FlokiBot

FluHorse

FormBook

Fragtor

FritzFrog

Fysbis

GCleaner

GOLDBACKDOORDropper

GPCodeRansomware

Gafgyt

Gamaredon

GameoverP2P

GandCrab

Gauss

GenshinDriver

GeopByteBomb

Get2

Gh0stCringe

Gh0stRAT

GigabudRAT

GlobelImposter

Glupteba

GoDDOSIRC

GoSearch

GoTitan

GodFather

Gomir

Goodor

GoodwillRansomware

GootLoader

Gopuram

GoziIsfb

GraceWire

Grandoreiro

GraphicalProton

Graphiron

GreetingGhoul

Grief

GriftHorse

GrimPlant

GuLoader

GwisinLocker

HTran

HakBit

HalkBank

Hancitor

HaronRansomware

HavannaCrypt

HavexRat

Havoc

HawkEyeKeylogger

HazyLoad

HeaderTip

HelloKitty

HermeticWiper

Hi-Zor

HijackLoader

HinataBot

HiveRansomware

Hoplight

HotCroissant

Houdini

Hydra

HydraBankBot

HyperBro

HyperSSL

HzRAT

INCRansomware

IPStorm

IRATA

IceFireRansomware

IceXLoader

IcedId

Icefrog

ImminentMonitor

Immortal Stealer

In2al5dp3in4erLoader

Industroyer

Industroyer2

Infy

InstatWiper

IronWind

IsmAgent

IssacWiper

Ixeshe

JLoRat

JSocket

Jaff

JaffRansomware

Jianmo

JripBot

Jupyter

KMSPico

KRBanker

KTLVdoor

KandyKorn

Karma

KasseikaRansomware

KematianStealer

Keybase

KghSpy

KimjongRat

Kinsing

Knot

Koadic

Kobalos

KoiLoader

Konni

Korlia

Kovter

KoxicRansomware

KrakenGoBotnet

Kriptovor

Kronos

KrusRansomware

KrustyLoader

KurayStealer

Kutaki

Kwampirs

LEMURLOOT

Lalala Stealer

Lambert

Lampion

LatentBot

Latrodectus

LazyScripter

LeetMX

LemonDuck

LgoogLoader

LightningFramework

LilithBot

LilithRansomware

Limerat

Linux.Spike

LitterDrifter

Lobshot

LockBitRansomware

LockerGoga

LockyRansomware

Loda

Log4JMalware

LokiLockerRansomware

LokiPasswordStealer

Lokibot

LorenzRansomware

Lucifer

LummaStealer

M0yv

MNKit

MacOS.AdLoad

MacOS.Adwind

MacOS.AppleJeus

MacOS.BirdMiner

MacOS.Calisto

MacOS.Cointicker

MacOS.Coldroot

MacOS.Convuster

MacOS.Cookieminer

MacOS.Dok

MacOS.Dummy

MacOS.Evilquest

MacOS.KeRanger

MacOS.Kitm

MacOS.LaoShu

MacOS.Macma

MacOS.Pirrit

MacOS.Shlayer

MacOS.Tarmac

MacOS.WireLurker

MacOS.XCSSET

MacOS.XLoader

MacOS.Zuru

MagicRAT

Magnat

MagniberRansomware

Mandrake

Manjusaka

MarsStealer

MassLogger

Matanbuchus

MauiRansomware

Maze

MedusaLocker

MekotioBanker

MementoRansomware

MeowRansomware

MercurialStealer

Metamorfo

MgBot

MicroClip

Micropsia

MidasRansomware

MinodoLoader

Mirai

Mispadu

Mmon

Modernloader

MoishaRansomware

Molerats

MoneyRansomware

MooBot

Moqhao

MortisLocker

MosesStaff

MuddyWater.Alien

Multigrain

Murofet

MyDogs

MyDoom

MyloBot

MysticStealer

NSIS

Nachocheese

Nanhaishu

NanoLocker

Nanocore

Necro

Necurs

NerbianRAT

Neshta

NetFilter

NetSupport

NetSupportRAT

NetTraveler

NetWireRAT

Netwalker

Networm

NeutrinoBot

NeutrinoEK

NewBotLoader

Nexus

Ngrbot

NightHawkRAT

NightSkyRansomware

Nimrev

NineRAT

NitlovePOS

NjRat

NodeStealer

NokoyawaRansomware

Nosu

NuclearEK

Nukesped

Nullmixer

Numando

NvRendererMiner

Octocrypt

Ohagi

Okiru

OldGremlin

OnlinerSpambot

OnyxRansomware

OrBit

Orcus

OriginLogger

Oscorp

Oski

Osno

Ousaban

Owowa

OxyPumper

Oyster

P2PInfect

PIVY

PLAYRansomware

PPAMDropper

PadCrypt

Panchan

PandaBanker

PandoraRansomware

Paradies

ParadiseRansomware

ParallaxRat

PassCV

Pay2Key

Pegasus

PetyaRansomware

PhiladelphiaRansomware

PhobosRansomware

Phorpiex

PickandPlaceRAT

PikaBot

PingPull

PlanetStealer

PlatinumGroup

PlugX

Pony

Poseidon

PoweRAT

PowerStager

Powersniff

Predator the Thief

PrivateLoader

ProLock

ProjectSauron

Prometei

PryntStealer

Pterodo

Punkey

PupyRAT

PureCrypter

PureLogStealer

PurpleFox

Pushdo

PwnPOS

Pymafka

Pysa

QakBot

Qealler

QtBot

QuantumRansomware

QuasarRAT

REvil

ROMCOMRat

RTMLocker

RURansom

RaccoonStealer

RagnarLocker

Rakos

Ramdo

RansomExx

Rapperbot

RaspberryRobin

RatDispenser

RatMilad

Ratopak

RawPOS

Rawdoor

Razy

Rdat

Reaver

RecordBreaker

RedAlertRansomware

RedCap

RedLeaves

RedLine

Rekoobe

Rekt Loader

Remcos

Retefe

RevengeRAT

RhadamanthysLoader

RhysidaRansomware

RisePro

RoadsweepRansomware

RoamingMantis

RockLoader

RogueRobin

RokRAT

Rombertik

RookRansomware

Roopy

RotaJakiro

Rovnix

RoyalRansomware

Rozena

RtPOS

RustBucket

Ryuk

SFileRansomware

SIGNBT

SPECTRALVIPER

STOPRansomware

STRRAT

SVCReady

SYS01Stealer

SageRansomware

Saitama

Sakula

Sality

SamsamRansomware

Sanya

Satacom

Satana

ScareCrowRansomware

Scieron

ScrubCrypt

SectopRAT

ShadowPad

SharkBot

ShellCrew

Shellbot

Shifu

Shikitega

ShimRAT

ShinoLocker

ShinyMW2Exploit

Shlayer

Sidewalk

Sierra

SiestaGraph

Siloscape

Skipper

SkuldStealer

SkypeWorm

Slave

Sliver

SmashJacker

SmokeLoader

SnakeKeylogger

SocGholish

Socks5Systemz

SolarwindsBreach

SpiderpigRAT

Spring4Shell

SshNet

Stantinko

StealBit

Stealc

Stegoloader

Strab

StrifeWater

SubtlePaws

SugarRansomware

SundownEK

SunnyDayRansomware

SweetSpecter

SwiftSlicerWiper

Sword2033

Sykipot

Symmi

SynAckRansomware

SysJoker

Syslogk

SystemBC

TelB

Telemiris

TempStealer

TerraStealer

TeslaCrypt

Thanatos

ThanosRansomware

TianySpy

TidePool

Tinba

TinyTurla

TitanStealer

Tofsee

TokyoX

Tomiris

ToneShell

Tor2Mine

Trat

TriangleDB

TrickBot

TrickGate

TrigonaRansomware

Trochilus Rat

TrollStealer

Truebot

TsCookie

TunnelSpecter

Tur

Turian

Turla

TwoFace

TypeHash

UBoatRAT

UDPRat

Upatre

Upstyle

Urausy

UsbCulprit

UsbFerry

VBCrypt

VMProtect

VSingle

Vadokrist

Vaggen

Valyria

VareStealer

Vawtrak

VenomRAT

VenusRansomware

VermilionStrike

Vermin

VettaLoader

Vidar

VideoSkimmer

VileLoader

ViperSoftX

Virlock

VirusSign

Voho

VohukRansomware

Void

Volgmer

Vultur

WSLMalware

WagnerWiper

WannaCry

Warmcookie

WellMail

WellMess

Werdlod

WhisperGate

WhiteBlackCrypt

WhiteRabbitRansomware

WikiLoader

Win32.CrowdStruck

WinDealer

WinMM

WineLoader

WinsLoader

WizardUpdate

WpBruteBot

XBinder

XCSSET

XFilesStealer

XLoader

XMRig

XPack

XPertRat

XRat

XTremeRat

XTunnel

XWorm

XXMM

XdSpy

Xdr33

XenoRAT

Xenomorph

XorDdoS

XsPlus

YTStealer

YanluowangRansomware

Yorekey

YoungLotus

Zanubis

Zenar

ZeroT

Zeus

ZeusAction

ZharkRAT

Zombinder

Zumanek

ZuoRAT

dnWipe

in2al5dp3in4erLoader

node-ipc-Protestware

slnRAT

zLoader

zLob

zgRAT

zxShell

To have these families uploaded, the customer must submit a request.

Depending on the malware family, up to 10 samples can be uploaded for each family.
