Search found 113 matches

by patriq
Wed Jan 11, 2017 7:04 pm
Forum: Malware
Topic: Win32/Xswkit (alias Gootkit)
Replies: 61
Views: 120948

Re: Win32/Xswkit (alias Gootkit)

for the police - drop location Madrid, Spain.
(BIC for BANKIA S.A. bank located in VALENCIA - SPAIN)
gootkit_panel.PNG
by patriq
Wed Nov 02, 2016 8:00 pm
Forum: Newbie Questions
Topic: List of actual Ransomware
Replies: 3
Views: 8371

Re: List of actual Ransomware

also 777, 7ev3n, 7h9r, 8lock8, ACCDFISA v2.0, AiraCrop, Al-Namrood, Alcatraz, Alfa, Alma Locker, Alpha, AMBA, AngryDuck, Anubis, Apocalypse, Apocalypse (New Variant), ApocalypseVM, APT, ASN1 Encoder, AutoLocky, AxCrypter, BadBlock, Bandarchor, BankAccountSummary, Bart, Bart v2.0, BitCrypt, BitCrypt ...
by patriq
Wed Nov 02, 2016 7:57 pm
Forum: Newbie Questions
Topic: List of actual Ransomware
Replies: 3
Views: 8371

Re: List of actual Ransomware

Do 5 mins of google on your own for fucksake..

http://www.bleepingcomputer.com/forums/ ... ?p=1307244
by patriq
Mon Oct 10, 2016 10:16 pm
Forum: Malware
Topic: Win32/StrongPity
Replies: 0
Views: 8589

Win32/StrongPity

https://securelist.com/blog/research/76147/on-the-strongpity-waterhole-attacks-targeting-italian-and-belgian-encryption-users/
http://usa.kaspersky.com/about-us/press-center/press-releases/2016/Kaspersky_Lab_Reveals_Advanced_Persistent_Threat_StrongPity
some win32/strongpity stuff attached caced8a4...
by patriq
Fri Sep 09, 2016 4:49 pm
Forum: Completed Malware Requests
Topic: Scylex
Replies: 2
Views: 8029

Re: Scylex

from your link "Scylex hasn’t been spotted in the wild"
I also checked out Lampeduza and couldn't find that advertisement or user account 'Others'
The video htxps://a.cocaine.ninja/vkkpew.mp4 shows a hidden vnc backconnect, features listed include form grabbing and webinjects, download and execute i...
by patriq
Wed Aug 03, 2016 9:07 pm
Forum: Malware
Topic: Winlocker.VB6.Blacksod
Replies: 3
Views: 6188

Re: Winlocker.VB6.Blacksod

When I google "1-866-933-5490" This is the first result - hxxp://www.tekexpert.net/contact-us.html
Possibly related, looks like a scam tech support page.
Samples that contact recoverpcerror.com (just visit the index and a sample downloads) https://www.virustotal.com/en/file/c3edf555f78efa240cc0aea22...
by patriq
Mon Jul 11, 2016 2:44 am
Forum: Malware
Topic: Win32/Cerber
Replies: 76
Views: 162429

Re: Win32/Cerber

"global_public_key" xors, not sure if you noticed but the past two configs have the same key. (base64 decode) LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2a3R5NXFocUV5ZFI5MDc2RmV2cAowdU1QN0laTm1zMUFBN0dQUVVUaE1XYllpRVlJaEJLY1QwL253WXJCcTBPZ3Y3OUsxd...
by patriq
Sat Jul 09, 2016 3:31 pm
Forum: Completed Malware Requests
Topic: MEDJACK.2 (Conficker)
Replies: 1
Views: 3056

Re: MEDJACK.2 (Conficker)

marketing bullshit