MalwareBazaar Database
This page shows some basic information the YARA rule SUSP_Ngrok_URL including corresponding malware samples.
Database Entry
| YARA Rule: | SUSP_Ngrok_URL |
|---|---|
| Author: | SECUINFRA Falcon Team |
| Description: | Detects a PE file that contains an ngrok.io URL. This can be used as C2 channel |
| Firstseen: | 2022-03-09 18:06:14 UTC |
| Lastseen: | 2025-08-29 06:38:26 UTC |
| Sightings: | 701 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|