CYFARE - MALWARE QUERY ENGINE / DOWNLOAD MALWARE / MALWARE INFO / THREAT HUNTING / THREAT INTELLIGENCE

Download Malware

Command:

download=SHA256_HASH

Example:

download=2676f127b2b71d44f494027fbac4a20bc8be2257fe8a201b28b9780056bde24f

Hash Info

Command:

hash_info=HASH

Example (MD5, SHA1, SHA256):

hash_info=2676f127b2b71d44f494027fbac4a20bc8be2257fe8a201b28b9780056bde24f

Type Info

Command:

type_info=FILE_TYPE

Example:

type_info=docx

Tag Info

Command:

tag_info=TAG

Example:

tag_info=Lazarus

Yara Matches

Command:

yara=YARA_RULE

Example:

yara=win_remcos_g0

Hash Similarity

Command (TLSH / SSDEEP):

sim_hash=HASH_VALUE

Example (TLSH):

sim_hash=2676f127b2b71d44f494027fbac4a20bc8be2257fe8a201b28b9780056bde24f

CN Serial (Certificates)

Command:

cn_serial=SERIAL_NUMBER

Example:

cn_serial=51CD5393514F7ACE2B407C3DBFB09D8D

Country (Slow Query!)

Command:

country=COUNTRY_CODE

Example (e.g., IN, US, RU):

country=IN

Sample Tags

Tag Examples
exe
dll
32
64
AgentTesla
CobaltStrike
elf
mirai
signed
zip

Sample Yara Rules

Rule Name Examples
Skystars_Malware_Imphash
pe_imphash
DebuggerCheck__API
NETexecutableMicrosoft
MD5_Constants
maldoc_find_kernel32_base_method_1
unixredflags3
maldoc_getEIP_method_1
meth_get_eip
INDICATOR_SUSPICIOUS_Binary_References_Browsers
RIPEMD160_Constants
SHA1_Constants
linux_generic_ipv6_catcher
INDICATOR_SUSPICIOUS_EXE_References_Messaging_Clients

Cyber Security

3D Fabrication

Extra Apps

Social

CYFARE.NET

CyberSec & Tech Products

Malware Query Engine

Quick Reference

Download Malware

Hash Info

Type Info

Tag Info

Yara Matches

Hash Similarity

CN Serial (Certificates)

Country (Slow Query!)

Sample Tags

Sample Yara Rules