MalwareBazaar Database
This page shows some basic information the YARA rule win_evilconwi_w0 including corresponding malware samples.
Database Entry
| YARA Rule: | win_evilconwi_w0 |
|---|---|
| Author: | Karsten Hahn @ G DATA CyberDefense |
| Description: | Settings from app.config that hide the connection of the client. These settings are potentially unwanted |
| Firstseen: | 2025-10-03 17:17:56 UTC |
| Lastseen: | 2025-11-22 11:15:33 UTC |
| Sightings: | 24 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|