Search found 26 matches

by Squirl
Mon Aug 19, 2013 2:45 pm
Forum: Malware
Topic: Win32/Urausy (aka "WinLocker")
Replies: 80
Views: 59221

Re: Win32/Urausy (aka "WinLocker")

Hundreds of these URLs hosted on 103.31.186.29:

http://urlquery.net/search.php?q=.avi.e ... 19&max=400
by Squirl
Thu Jul 25, 2013 8:39 am
Forum: Malware
Topic: KINS modular banking Trojan
Replies: 15
Views: 10548

KINS modular banking Trojan

Hi guys,

Does anybody have any Xsums/Samples of KINS?

http://www.darkreading.com/vulnerabilit ... /240158792

Seems this Zeus copycat has been around for a few months, so hopefully somebody has something :)

Squirl
by Squirl
Fri Jun 14, 2013 2:41 pm
Forum: Malware
Topic: Zero Day Java Exploits(All Java Exploits goes here)
Replies: 68
Views: 288693

Re: Zero Day Java Exploits(All Java Exploits goes here)

Nice exploit pack found at hxxp://gingersnapportraits.com/mzmd.html

Downloaded binaries crypted with AES. Decryption routines in Chjop.class and Fiovt.class, if you can be bothered :)
by Squirl
Thu Jun 06, 2013 2:24 pm
Forum: Malware
Topic: Zero Day Java Exploits(All Java Exploits goes here)
Replies: 68
Views: 288693

Re: Zero Day Java Exploits(All Java Exploits goes here)

Redkit served up from: hxxp://csaze.com/login.php

Served 5 (4 if you count the dupe) Java exploits. Attached.

File name: 5c.jar
https://www.virustotal.com/en/file/28383d61f8e01657484567f9c3af1959b5ba45a4ed90cb1c3239ce403fe99caa/analysis/1370522773/

File name: 5s.jnlp
https://www.virustotal.com/en/fi...
by Squirl
Thu Jun 06, 2013 8:53 am
Forum: Malware
Topic: Net-Traveler
Replies: 8
Views: 7146

Re: Net-Traveler

151e5d1bb8142835633cfd398e2e0ca3 attached
by Squirl
Tue Jun 04, 2013 3:31 pm
Forum: Completed Malware Requests
Topic: Backdoor.Win32.VB.nmc
Replies: 6
Views: 3730

Re: Backdoor.Win32.VB.nmc

A +1 for the share wouldn't hurt ;)
by Squirl
Thu May 30, 2013 10:29 am
Forum: Completed Malware Requests
Topic: Backdoor.Win32.VB.nmc
Replies: 6
Views: 3730

Re: Backdoor.Win32.VB.nmc

3420DE55B8DE4B837C9CC61A8C7A3DD0 attached (ignore the filename :) )
by Squirl
Wed Apr 17, 2013 1:05 pm
Forum: Malware
Topic: Zero Day Java Exploits(All Java Exploits goes here)
Replies: 68
Views: 288693

Re: Zero Day Java Exploits(All Java Exploits goes here)

RedKit exploiting 2013-0422 (VT confirms :) ) together with all payloads.
by Squirl
Wed Apr 10, 2013 8:42 am
Forum: Malware
Topic: Zero Day Java Exploits(All Java Exploits goes here)
Replies: 68
Views: 288693

Re: Zero Day Java Exploits(All Java Exploits goes here)

Yep, you're quite right! Rushed my analysis a bit :?
by Squirl
Tue Apr 09, 2013 10:47 am
Forum: Malware
Topic: Zero Day Java Exploits(All Java Exploits goes here)
Replies: 68
Views: 288693

Re: Zero Day Java Exploits(All Java Exploits goes here)

From Blackhole
CVE 2013-0422

Jar and Executable in attached