Fraud/Rouge software

Forum for analysis and discussion about malware.
User avatar
FakeAVHunter
Posts: 96
Joined: Thu Feb 01, 2018 6:20 pm
Location: Romania
Contact:

Re: Fraud/Rouge software

Post by FakeAVHunter » Sun Apr 29, 2018 4:14 am

MalwareRemovalBOT
Image
MalwareRemoval BOT.zip
You do not have the required permissions to view the files attached to this post.

Fedor22
Posts: 32
Joined: Sun Dec 03, 2017 5:50 pm
Location: Russian Federation

Re: Fraud/Rouge software

Post by Fedor22 » Mon Jun 18, 2018 8:59 am

Best Antivirus
Image
You do not have the required permissions to view the files attached to this post.

User avatar
FakeAVHunter
Posts: 96
Joined: Thu Feb 01, 2018 6:20 pm
Location: Romania
Contact:

Re: Fraud/Rouge software

Post by FakeAVHunter » Sat Jun 23, 2018 1:40 pm

Windows Paramount Protection
Image
He is same as windows expert console aka fakevimes.
Image
I Am a youtuber , have fun with this sample from virusshare.
Windows Paramount Protection.zip
You do not have the required permissions to view the files attached to this post.

User avatar
FakeAVHunter
Posts: 96
Joined: Thu Feb 01, 2018 6:20 pm
Location: Romania
Contact:

Re: Fraud/Rouge software

Post by FakeAVHunter » Wed Jul 04, 2018 6:57 am

Security Guard 2012 found sample by me.
Images : Image

Screenshot (999).png
Screenshot (1003).png
AV Results : AhnLab-V3 = Trojan/Win32.Jorik
AntiVir = TR/Crypt.ZPACK.Gen
Antiy-AVL = Backdoor/Win32.Gbot.gen
Avast = Win32:Cycbot-MS [Trj]
AVG = Generic25.SSN
BitDefender = Trojan.Generic.KD.371604
CAT-QuickHeal = Backdoor.Cycbot.B
Commtouch = W32/Goolbot.N.gen!Eldorado
Comodo = Heur.Suspicious
DrWeb = Trojan.DownLoader5.840
Emsisoft = Trojan.Win32.FakeAV!IK
eSafe = Win32.TRCrypt.ZPACK
eTrust-Vet = Win32/FraudSecurity.B!generic
F-Prot = W32/Goolbot.N.gen!Eldorado
F-Secure = Rogue:W32/OpenCloud.A
Fortinet = W32/FakeAV.ISS!tr
GData = Trojan.Generic.KD.371604
Ikarus = Trojan.Win32.FakeAV
K7AntiVirus = Backdoor
Kaspersky = Backdoor.Win32.Gbot.pld
McAfee-GW-Edition = BackDoor-EXI.gen.t
McAfee = BackDoor-EXI.gen.t
Microsoft = Rogue:Win32/FakeScanti
NOD32 = a variant of Win32/Kryptik.TOL
Norman = W32/Cycbot.EH
nProtect = Trojan/W32.Agent.2407424.H
Panda = Trj/Cycbot.gen
PCTools = Trojan.Gen
Sophos = Mal/FakeAV-IS
Symantec = Trojan.Gen.2
TheHacker = Trojan/Kryptik.tol
TrendMicro-HouseCall = TROJ_SPNR.15L411
TrendMicro = TROJ_SPNR.15L411
VBA32 = Backdoor.Gbot.pld
VIPRE = Trojan.Win32.FakeAV.IS (v)
VirusBuster = Trojan.Cycbot.Gen!Pac.5
Size of malware : 2.29 mb 2,351 kb
MD5 66613048c0761907dbf89e63a3c2b060
SHA1 508d73343ad03ea9bb16dc240afa45dbfd7e6fc3
SHA256 12b9716fee979c9f803b760b330973ea69a9d69292461beee0906c70b68e20ec
Thanks Virusshare.I Make a youtube video about this soon.
The activation code and kill code are : 9972665267 9992665263
Download sample :
Security Guard 2012.zip
You do not have the required permissions to view the files attached to this post.

User avatar
FakeAVHunter
Posts: 96
Joined: Thu Feb 01, 2018 6:20 pm
Location: Romania
Contact:

Best VIRUS Protection fakeav working NO UNPACK NO DUMP NO FIX VM

Post by FakeAVHunter » Fri Sep 14, 2018 5:54 am

Screenshot (346).png
I Dont need unpack fixvm sometimes so fakevimes was created to work only on host pc
Renaming the folder and file that fakevimes accept and /s /d command can work
You do not have the required permissions to view the files attached to this post.

Post Reply