Search found 62 matches

by tWiCe
Thu Aug 03, 2017 2:36 pm
Forum: Completed Malware Requests
Topic: Old osx worm "Niqtana"
Replies: 2
Views: 8939

Re: Old osx worm "Niqtana"

Thanks!
by tWiCe
Mon Jun 26, 2017 10:04 am
Forum: Completed Malware Requests
Topic: Old osx worm "Niqtana"
Replies: 2
Views: 8939

Old osx worm "Niqtana"

Hi all,

I'm interested in files of the old worm called "Niqtana" for OSX. Google doesn't help :/

As far as I understand, it consists of several files? If so, it would be nice to get a full pack.
by tWiCe
Sat Jun 24, 2017 10:19 am
Forum: Malware
Topic: Possibly OS/X Ransomware (File coder)
Replies: 5
Views: 12469

Re: Possibly OS/X Ransomware (File coder)

> 4. The malware will generate the key by creating a buffer with a size of 256 that contains [0-0x100] (like buffer[0]=0 buffer[1] = 1 etc) and swapping the value based on MAC Address. (I can't explain it well, English is not my native language. Can someone explain this? hehe)

It's initialization of R...
by tWiCe
Sat Jun 24, 2017 10:14 am
Forum: Malware
Topic: Possibly OS/X Ransomware (File coder)
Replies: 5
Views: 12469

Re: Possibly OS/X Ransomware (File coder)

Seriously, stop calling CTF tasks malware. This one is binary task #4 of the https://labyrenth.com CTF challenge 2017.
by tWiCe
Thu May 18, 2017 7:13 pm
Forum: Malware
Topic: Linux/FileCoder (Linux.Encoder)
Replies: 18
Views: 43534

Re: Linux/FileCoder (Linux.Encoder)

K_Mikhail wrote: be9d1a4dc0755a8cb16fd441c49e3231207600a6 ( - (probably, will be Linux.Encoder.8 in some future) || HEUR:Trojan-Ransom.Linux.Cryptor.g || Linux/Filecoder.J (due to response from ESET Malware Response Team))
It's not a trojan. It's a task from CTF.
by tWiCe
Thu Jan 12, 2017 5:39 pm
Forum: Malware
Topic: Malware collection
Replies: 291
Views: 367092

Re: Malware collection

maddog4012, could you please use "code" tags for such long logs next time?
by tWiCe
Fri Dec 16, 2016 5:50 pm
Forum: Malware
Topic: Linux.CyberEurope
Replies: 7
Views: 10718

Re: Linux.CyberEurope

A detailed description can be found here: http://vms.drweb.com/virus/?_is=1&i=8598627
by tWiCe
Fri Dec 02, 2016 7:33 am
Forum: Malware
Topic: Request Linux malwares
Replies: 1
Views: 8039

Re: Request Linux malwares

You can read the topics of this forum regarding different Linux malware families. The list of topics: http://www.kernelmode.info/forum/viewto ... =16&t=3471
by tWiCe
Thu Oct 06, 2016 3:09 pm
Forum: Malware
Topic: Understending Botnet Mirai/GayFgt
Replies: 15
Views: 14888

Re: Understending Botnet Mirai/GayFgt

>But I don't see file where was call """Apache ""

Huh? The link you provided has compiled binaries of downloaders and sources for the downloader and Mirai itself. Where did you see a file called "apache"?
by tWiCe
Thu Oct 06, 2016 12:41 pm
Forum: Malware
Topic: Understending Botnet Mirai/GayFgt
Replies: 15
Views: 14888

Re: Understending Botnet Mirai/GayFgt

Okay, then it's just blocking requests from my IP. :)

>What hacker doing with this source .Insert in infected server.????????

A hacker would need to compile these sources into a binary file before distributing it. Of course, one may want to distribute it in source and compile it on the target device,...