Search found 204 matches

by Blaze
Wed Mar 14, 2018 9:32 am
Forum: Malware
Topic: Sandboxes (Discussion)
Replies: 25
Views: 17629

Re: Sandboxes (Discussion)

Two new ones:

https://app.any.run/ (registration needed)
https://cape.contextis.com/
by Blaze
Thu Jun 02, 2016 9:55 am
Forum: Malware
Topic: Win32/Cerber
Replies: 71
Views: 125748

Re: Cerber

Another sample.
by Blaze
Tue Mar 01, 2016 12:43 pm
Forum: Malware
Topic: Malware Derusbi server-variant
Replies: 2
Views: 3032

Re: Malware Derusbi server-variant

Derusbi for 64-bit Linux. https://www.fidelissecurity.com/sites/default/files/TA_Fidelis_Turbo_1602%283%29.pdf (PDF) In the summer of 2015, Fidelis Cybersecurity had the opportunity to analyze a Derusbi malware sample used as part of a campaign we’ve labeled Turbo, for the associated kernel module t...
by Blaze
Wed Feb 17, 2016 4:49 pm
Forum: Malware
Topic: Win32/Critroni (CTB-Locker)
Replies: 35
Views: 48138

Re: Win32/Critroni (CTB-Locker)

Another one (localised, Dutch). Signed executable.

https://twitter.com/bartblaze/status/699996668348010497
by Blaze
Thu Feb 04, 2016 9:56 am
Forum: Malware
Topic: HydraCrypt ransomware
Replies: 0
Views: 1806

HydraCrypt ransomware

Again another one. Thanks to Brad (@malware_traffic).

http://malware-traffic-analysis.net/201 ... ndex2.html

Callback:

http://drivers-softprotect.eu/flamme.php
http://drivers-softprotect.eu/img.jpg

Mentioned sample + additional samples attached.
by Blaze
Wed Feb 03, 2016 3:34 pm
Forum: Malware
Topic: Vipasana ransomware
Replies: 1
Views: 1845

Vipasana ransomware

Nothing too special, but feel free to check it out. Blog: http://bartblaze.blogspot.com/2016/02/vipasana-ransomware-new-ransom-on-block.html http://1.bp.blogspot.com/-VoE-n0BNQbM/Vq-EOcEwG_I/AAAAAAAABYk/K7h8RIYTd9Q/s1600/desk.jpg Callback: http://shopping-na-divane.ru/system/logs/tool/inst.php http:...
by Blaze
Fri Jan 29, 2016 2:20 pm
Forum: Malware
Topic: Android Malware(All Android malware goes here)
Replies: 101
Views: 132623

Re: Android Malware(All Android malware goes here)

LockDroid. (~PornDroid spinoff) See also: http://www.symantec.com/connect/blogs/android-ransomware-variant-uses-clickjacking-become-device-administrator Would be great if Symantec could provide some more (f)actual information. Claims to be from the Ministry of Internal Affairs of the Russian Federat...