
Artifacts


Last updated 6 months ago

Artifacts are malware samples used to emulate various types of cyber threats. They are essential components of the platform's testing and validation processes, allowing organizations to emulate real-world attack scenarios in a controlled environment.

Each artifact represents a specific type of threat and is designed to mimic the behavior of actual cyberattacks.

Artifact Categories in EVE

The EVE platform categorizes samples into three distinct categories: Known, Obfuscated, and Forced. A sample can belong to a single category (Known, Obfuscated, or Forced) or to a combination of them, such as Known-Obfuscated.

  1. Known: Samples that are well identified and recognized by the security community. The naming of these artifacts follows a specific structure that makes them easy to identify by the common names used in the industry.

  2. Obfuscated: Samples that have undergone a process of obfuscation to alter their appearance and behavior, making them harder for security tools to detect. Obfuscated samples mimic more advanced threats that employ evasion techniques.

  3. Forced: Samples that have been encrypted or modified so that they are designed to bypass security controls, indicating a higher level of manipulation to evade detection.

  4. Zero: Samples that are custom-created on demand by Reveald.

Naming Conventions for Artifacts

Artifacts in EVE are named according to a structured nomenclature that provides clarity and consistency. The naming convention varies depending on whether the artifact is a known, generic, or modified sample.

Known Artifacts (Named)

For named known artifacts, the structure is as follows:

[Sample Name].[Malware Type].exe

  • Sample Name: The most common name of the sample, usually found through research on platforms like VirusTotal.

  • Malware Type: The abbreviation of the malware type from the provided list (e.g., Ransom for ransomware).

  • Extension: Always .exe.

Example: WannaCry.Ransom.exe

Generic Artifacts

For generic known artifacts, the structure is:

[First 5 characters of SHA256].[Malware Type].exe

  • First 5 characters of SHA256: A unique identifier derived from the sample's hash.

  • Malware Type: The abbreviation of the malware type from the provided list.

  • Extension: Always .exe.

Example: e54d1.Adware.exe

Modified Artifacts

Modified artifacts follow similar naming conventions to known artifacts but include an additional identifier for obfuscation or other modifications:

[Sample Name or First 5 characters of SHA256].[Malware Type].Obf.exe

  • Obf: Indicates that the sample has been obfuscated.

  • Extension: Always .exe.

Example: WannaCry.Ransom.Obf.exe or e54d1.Adware.Obf.exe

Special Cases

  1. Variants: If a sample has variants, these are specified with a "V" followed by the variant number:

    • Example: PetyaRedV2.Ransom.Obf.exe

  2. Re-Obfuscated Samples: If a sample has been obfuscated multiple times, the subsequent obfuscation is indicated by a consecutive number:

    • Example: PetyaRedV2.Ransom.Obf.2.exe

  3. Encrypted Samples (Forced): For samples that have been encrypted, the name includes the identifier "F" for forced:

    • Example: PetyaRedV2.Ransom.F.exe
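
The naming rules above can be checked mechanically when triaging alerts or inventorying samples on a test endpoint. The Python below is an added example, not part of the EVE product or its documentation: it parses an artifact file name into its fields and, for unmodified generic artifacts, compares the 5-character prefix with the file's SHA256. The Artifact fields and function names are hypothetical, the malware-type token is assumed to be alphabetic, and only the modifier forms shown above are accepted.

```python
import hashlib
import re
from dataclasses import dataclass
from typing import Optional

HASH_PREFIX = re.compile(r"[0-9a-f]{5}")   # first 5 hex characters of a SHA256
VARIANT = re.compile(r".+?V([0-9]+)")      # trailing variant marker, e.g. PetyaRedV2
TYPE_TOKEN = re.compile(r"[A-Za-z]+")      # assumption: type abbreviations are alphabetic


@dataclass(frozen=True)
class Artifact:
    sample: str               # sample name, or the 5-character hash prefix
    variant: Optional[int]    # N from a trailing "V<N>" on a named sample, else None
    is_hash_prefix: bool      # True for generic (hash-named) artifacts
    malware_type: str         # e.g. Ransom, Adware
    obfuscation_round: int    # 0 = not obfuscated, 1 = .Obf, N = .Obf.<N>
    forced: bool              # True when the name carries the .F marker


def parse_artifact_name(filename: str) -> Artifact:
    """Split an artifact file name into its fields, or raise ValueError."""
    parts = filename.split(".")
    if len(parts) < 3 or not all(parts) or parts[-1] != "exe":
        raise ValueError(f"{filename!r}: expected <name>.<type>[.<modifier>].exe")
    body = parts[:-1]
    obf_round, forced = 0, False
    # Modifiers sit between the malware type and the extension: read right to left.
    if body[-1] == "F":
        forced, body = True, body[:-1]
    elif body[-1] == "Obf":
        obf_round, body = 1, body[:-1]
    elif len(body) >= 2 and body[-2] == "Obf" and re.fullmatch(r"[0-9]+", body[-1]):
        obf_round, body = int(body[-1]), body[:-2]
    if len(body) < 2 or not TYPE_TOKEN.fullmatch(body[-1]):
        raise ValueError(f"{filename!r}: missing sample name or malware type")
    # Whatever precedes the type is the sample name (dots inside it are tolerated).
    malware_type, sample = body[-1], ".".join(body[:-1])
    # Heuristic: a 5-character lowercase hex name is treated as a hash prefix.
    is_hash = HASH_PREFIX.fullmatch(sample) is not None
    m = None if is_hash else VARIANT.fullmatch(sample)
    return Artifact(sample, int(m.group(1)) if m else None, is_hash,
                    malware_type, obf_round, forced)


def generic_name(data: bytes, malware_type: str) -> str:
    """Build the generic artifact name for a file's contents."""
    return f"{hashlib.sha256(data).hexdigest()[:5]}.{malware_type}.exe"


def hash_prefix_matches(filename: str, data: bytes) -> Optional[bool]:
    """Check a generic name against the file's SHA256.

    Returns None when the check does not apply: named samples, and modified
    artifacts, where the prefix may refer to the pre-modification sample.
    """
    art = parse_artifact_name(filename)
    if not art.is_hash_prefix or art.forced or art.obfuscation_round:
        return None
    return hashlib.sha256(data).hexdigest().startswith(art.sample)


if __name__ == "__main__":
    # Names taken from the examples in this section.
    for name in ("WannaCry.Ransom.exe", "e54d1.Adware.Obf.exe",
                 "PetyaRedV2.Ransom.Obf.2.exe", "PetyaRedV2.Ransom.F.exe"):
        print(parse_artifact_name(name))
    # Constructed input: the empty byte string stands in for a sample file.
    print(generic_name(b"", "Adware"), hash_prefix_matches("e3b0c.Adware.exe", b""))
```
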

Malware Families Available

Upon customer request, these malware families are available for upload.

Families

7ev3n

9002Rat

ABCBot

AESRTRansomware

AMOS

ATMitch

AXLocker

AbaddonPOS

AceDeceiver

AcidRain

AcrStealer

ActionSpy

Adhubllka

AdvisorBot

AgendaRansomware

AgentTesla

AgnianeStealer

AilurophileStealer

AkiraRansomware

AlmondRAT

Amadey

Amavaldo

Android.Anatsa

Android.Anubis

Android.AwSpy

Android.BadMirror

Android.BlankBot

Android.Brata

Android.Bzy

Android.Chameleon

Android.CleaningService

Android.Coper

Android.Copybara

Android.Cynos

Android.FluBot

Android.Greywolf

Android.HookBot

Android.Hummingbad

Android.ItauSinc

Android.Joker

Android.MazarBot

Android.Medusa

Android.MobileOrder

Android.Mobtes

Android.Octo

Android.Psiphone

Android.RATMilad

Android.Rootnik

Android.Rummus

Android.Sharkbot

Android.SoumniBot

Android.SpyNote

Android.Teabot

Android.Vultur

Android.WyrmSpy

Android.Xavier

Android.Xbot

Andromeda

AnglerEK

AppleSeed

Arechclient2

AresLoader

Aria-Body

AridGopher

ArkeiStealer

Asbit

AsyncRAT

AteraAgent

Atharvan

AtlantidaStealer

AtlasAgent

AtomSilo

AuKill

AugustStealer

AuroraStealer

AveMaria

Aveo

AvosLockerRansomware

Azorult

AzovRansomware

B1txor20

BHUNTStealer

Babadeda

Babuk

BackMyDataRansomware

BadSpace

BandarChorRansomware

BanditStealer

Bandook

Bankshot

Banload

BansheeStealer

BartRansomware

Bartalex

BasBanke

Bashlite

BatchWiper

Batloader

BazarLoader

Bazarbackdoor

Bedep

BiBiWiper

BianLianRansomware

BitRAT

Bizarro

BlackBastaRansomware

BlackByte

BlackCatRansomware

BlackGuard

BlackLotus Bootkit

BlackMagicRansomware

BlackMatter

BlackRock

BlackSnakeRansomware

BlackTech

BlackholeEK

Blackmoon

Blacksoul

BlackwoodLoader

BlankGrabber

BlisterLoader

BlueFox

BlueSkyRansomware

BoldMove

BoratRAT

BotenaGo

BottomLoader

BouldSpy

BrasDex

Brbbot

BruteRatel

BuerLoader

BumbleBeeLoader

BunnyLoader

CABless-40444

CSInstaller

CTB-Locker

CVE-2008-2551

CVE-2015-0359

CVE-2017-10271

CVE-2017-11882

CVE-2018-0802

CVE-2018-4878

CVE-2020-1599

CVE-2022-22954

CacheFlow

CactusRansomware

CaddyWiper

CapraRAT

CatB

CenterPOS

CerberRansomware

CertBreaker

CertiShell

ChChes

Chaes

Chameleon

ChaosRansomware

Chapak

ChargeWeapon

CherryLoader

ChromeExploitKits

Chromeloader

Cl0pRansomware

ClearFake

ClipBanker

ClownicRansomware

CobaltStrike

CodeRAT

Coinstomp

Coinvault

ColdStealer

ColibriLoader

CollectorGoomba

CollectorStealer

Conficker

Conti

Coper

CoreShell

Coroxy

Cova

CrateDepression

CrimsonRAT

Cronrat

CrushArcade

CryptBot

CryptNetRansomware

CryptNetRasnomware

CryptoFortress

CryptoMixRansomware

Cryptolocker

Cryptowall

CrysisRansomware

CrytoxRansomware

Cryxos

CubaRansomware

CuratorRansomware

CustomerLoader

CyberGateRAT

CyclopsBlink

DBatLoader

DCRat

DDosia

DLRAT

DMALocker

DTrack

DanaBot

DangerAds

DarkBitRansomware

DarkCloud

DarkComet

DarkGateLoader

DarkMeLoader

DarkMeRAT

DarkWatchmanRAT

Darkbit

Darkside

Darktrack Rat

Daserf

Dasref

DaveLoader

Daxin

DeadBoltRansomware

DearCryRansomware

DecafRansomware

Denonia

Derusbi

DevOpt

Dexbia

DiavolRansomware

DinodasRAT

DiscordRAT

DiscordTokenStealers

DisgoMoji

DistTrack

Djvu

DnSpyTrojan

DnWipe

DoNexRansomware

DonutLoader

DoubleFinger

DoubleZeroWiper

DowneksLoader

Dracarys

DreamBusBot

DreamLand

Dridex-Maldocs

Dridex

Drokbk

Dyre

Eamfo

EasyStealer

EchelonStealer

ElectronBot

Elirks

Emdivi

Emissary

Emotet

Enemybot

Enigma

Ermac

Escelar

Escobar

EternalRocks

EternityProject

EvilAntRansomware

EvilExtractor

EvilGrab

EvilNominatusRansomware

EvilPlayout

EvilQuest

ExByte

Exaramel

Exmatter

Expiro

EyService

EyePyramid

FBIOperationDuckHunt

FabookieStealer

FakeBat

FakeDivX

Fanny

Fareit

FastFire

FastViewer

Fastcash

FighterPOS

Filmkan

FinSpy

Flashback

FlawedGrace

Fleckpe

FlokiBot

FluHorse

FormBook

Fragtor

FritzFrog

Fysbis

GCleaner

GOLDBACKDOORDropper

GPCodeRansomware

Gafgyt

Gamaredon

GameoverP2P

GandCrab

Gauss

GenshinDriver

GeopByteBomb

Get2

Gh0stCringe

Gh0stRAT

GigabudRAT

GlobelImposter

Glupteba

GoDDOSIRC

GoSearch

GoTitan

GodFather

Gomir

Goodor

GoodwillRansomware

GootLoader

Gopuram

GoziIsfb

GraceWire

Grandoreiro

GraphicalProton

Graphiron

GreetingGhoul

Grief

GriftHorse

GrimPlant

GuLoader

GwisinLocker

HTran

HakBit

HalkBank

Hancitor

HaronRansomware

HavannaCrypt

HavexRat

Havoc

HawkEyeKeylogger

HazyLoad

HeaderTip

HelloKitty

HermeticWiper

Hi-Zor

HijackLoader

HinataBot

HiveRansomware

Hoplight

HotCroissant

Houdini

Hydra

HydraBankBot

HyperBro

HyperSSL

HzRAT

INCRansomware

IPStorm

IRATA

IceFireRansomware

IceXLoader

IcedId

Icefrog

ImminentMonitor

Immortal Stealer

In2al5dp3in4erLoader

Industroyer

Industroyer2

Infy

InstatWiper

IronWind

IsmAgent

IssacWiper

Ixeshe

JLoRat

JSocket

Jaff

JaffRansomware

Jianmo

JripBot

Jupyter

KMSPico

KRBanker

KTLVdoor

KandyKorn

Karma

KasseikaRansomware

KematianStealer

Keybase

KghSpy

KimjongRat

Kinsing

Knot

Koadic

Kobalos

KoiLoader

Konni

Korlia

Kovter

KoxicRansomware

KrakenGoBotnet

Kriptovor

Kronos

KrusRansomware

KrustyLoader

KurayStealer

Kutaki

Kwampirs

LEMURLOOT

Lalala Stealer

Lambert

Lampion

LatentBot

Latrodectus

LazyScripter

LeetMX

LemonDuck

LgoogLoader

LightningFramework

LilithBot

LilithRansomware

Limerat

Linux.Spike

LitterDrifter

Lobshot

LockBitRansomware

LockerGoga

LockyRansomware

Loda

Log4JMalware

LokiLockerRansomware

LokiPasswordStealer

Lokibot

LorenzRansomware

Lucifer

LummaStealer

M0yv

MNKit

MacOS.AdLoad

MacOS.Adwind

MacOS.AppleJeus

MacOS.BirdMiner

MacOS.Calisto

MacOS.Cointicker

MacOS.Coldroot

MacOS.Convuster

MacOS.Cookieminer

MacOS.Dok

MacOS.Dummy

MacOS.Evilquest

MacOS.KeRanger

MacOS.Kitm

MacOS.LaoShu

MacOS.Macma

MacOS.Pirrit

MacOS.Shlayer

MacOS.Tarmac

MacOS.WireLurker

MacOS.XCSSET

MacOS.XLoader

MacOS.Zuru

MagicRAT

Magnat

MagniberRansomware

Mandrake

Manjusaka

MarsStealer

MassLogger

Matanbuchus

MauiRansomware

Maze

MedusaLocker

MekotioBanker

MementoRansomware

MeowRansomware

MercurialStealer

Metamorfo

MgBot

MicroClip

Micropsia

MidasRansomware

MinodoLoader

Mirai

Mispadu

Mmon

Modernloader

MoishaRansomware

Molerats

MoneyRansomware

MooBot

Moqhao

MortisLocker

MosesStaff

MuddyWater.Alien

Multigrain

Murofet

MyDogs

MyDoom

MyloBot

MysticStealer

NSIS

Nachocheese

Nanhaishu

NanoLocker

Nanocore

Necro

Necurs

NerbianRAT

Neshta

NetFilter

NetSupport

NetSupportRAT

NetTraveler

NetWireRAT

Netwalker

Networm

NeutrinoBot

NeutrinoEK

NewBotLoader

Nexus

Ngrbot

NightHawkRAT

NightSkyRansomware

Nimrev

NineRAT

NitlovePOS

NjRat

NodeStealer

NokoyawaRansomware

Nosu

NuclearEK

Nukesped

Nullmixer

Numando

NvRendererMiner

Octocrypt

Ohagi

Okiru

OldGremlin

OnlinerSpambot

OnyxRansomware

OrBit

Orcus

OriginLogger

Oscorp

Oski

Osno

Ousaban

Owowa

OxyPumper

Oyster

P2PInfect

PIVY

PLAYRansomware

PPAMDropper

PadCrypt

Panchan

PandaBanker

PandoraRansomware

Paradies

ParadiseRansomware

ParallaxRat

PassCV

Pay2Key

Pegasus

PetyaRansomware

PhiladelphiaRansomware

PhobosRansomware

Phorpiex

PickandPlaceRAT

PikaBot

PingPull

PlanetStealer

PlatinumGroup

PlugX

Pony

Poseidon

PoweRAT

PowerStager

Powersniff

Predator the Thief

PrivateLoader

ProLock

ProjectSauron

Prometei

PryntStealer

Pterodo

Punkey

PupyRAT

PureCrypter

PureLogStealer

PurpleFox

Pushdo

PwnPOS

Pymafka

Pysa

QakBot

Qealler

QtBot

QuantumRansomware

QuasarRAT

REvil

ROMCOMRat

RTMLocker

RURansom

RaccoonStealer

RagnarLocker

Rakos

Ramdo

RansomExx

Rapperbot

RaspberryRobin

RatDispenser

RatMilad

Ratopak

RawPOS

Rawdoor

Razy

Rdat

Reaver

RecordBreaker

RedAlertRansomware

RedCap

RedLeaves

RedLine

Rekoobe

Rekt Loader

Remcos

Retefe

RevengeRAT

RhadamanthysLoader

RhysidaRansomware

RisePro

RoadsweepRansomware

RoamingMantis

RockLoader

RogueRobin

RokRAT

Rombertik

RookRansomware

Roopy

RotaJakiro

Rovnix

RoyalRansomware

Rozena

RtPOS

RustBucket

Ryuk

SFileRansomware

SIGNBT

SPECTRALVIPER

STOPRansomware

STRRAT

SVCReady

SYS01Stealer

SageRansomware

Saitama

Sakula

Sality

SamsamRansomware

Sanya

Satacom

Satana

ScareCrowRansomware

Scieron

ScrubCrypt

SectopRAT

ShadowPad

SharkBot

ShellCrew

Shellbot

Shifu

Shikitega

ShimRAT

ShinoLocker

ShinyMW2Exploit

Shlayer

Sidewalk

Sierra

SiestaGraph

Siloscape

Skipper

SkuldStealer

SkypeWorm

Slave

Sliver

SmashJacker

SmokeLoader

SnakeKeylogger

SocGholish

Socks5Systemz

SolarwindsBreach

SpiderpigRAT

Spring4Shell

SshNet

Stantinko

StealBit

Stealc

Stegoloader

Strab

StrifeWater

SubtlePaws

SugarRansomware

SundownEK

SunnyDayRansomware

SweetSpecter

SwiftSlicerWiper

Sword2033

Sykipot

Symmi

SynAckRansomware

SysJoker

Syslogk

SystemBC

TelB

Telemiris

TempStealer

TerraStealer

TeslaCrypt

Thanatos

ThanosRansomware

TianySpy

TidePool

Tinba

TinyTurla

TitanStealer

Tofsee

TokyoX

Tomiris

ToneShell

Tor2Mine

Trat

TriangleDB

TrickBot

TrickGate

TrigonaRansomware

Trochilus Rat

TrollStealer

Truebot

TsCookie

TunnelSpecter

Tur

Turian

Turla

TwoFace

TypeHash

UBoatRAT

UDPRat

Upatre

Upstyle

Urausy

UsbCulprit

UsbFerry

VBCrypt

VMProtect

VSingle

Vadokrist

Vaggen

Valyria

VareStealer

Vawtrak

VenomRAT

VenusRansomware

VermilionStrike

Vermin

VettaLoader

Vidar

VideoSkimmer

VileLoader

ViperSoftX

Virlock

VirusSign

Voho

VohukRansomware

Void

Volgmer

Vultur

WSLMalware

WagnerWiper

WannaCry

Warmcookie

WellMail

WellMess

Werdlod

WhisperGate

WhiteBlackCrypt

WhiteRabbitRansomware

WikiLoader

Win32.CrowdStruck

WinDealer

WinMM

WineLoader

WinsLoader

WizardUpdate

WpBruteBot

XBinder

XCSSET

XFilesStealer

XLoader

XMRig

XPack

XPertRat

XRat

XTremeRat

XTunnel

XWorm

XXMM

XdSpy

Xdr33

XenoRAT

Xenomorph

XorDdoS

XsPlus

YTStealer

YanluowangRansomware

Yorekey

YoungLotus

Zanubis

Zenar

ZeroT

Zeus

ZeusAction

ZharkRAT

Zombinder

Zumanek

ZuoRAT

dnWipe

in2al5dp3in4erLoader

node-ipc-Protestware

slnRAT

zLoader

zLob

zgRAT

zxShell

To have these families uploaded, the customer must submit a request.

Depending on the malware family, up to 10 samples can be uploaded for each family.