Fraud/Rouge software

Forum for analysis and discussion about malware.
Post Reply
icr
Posts: 8
Joined: Mon Aug 22, 2011 6:22 pm

Re: Fraud/Rouge software

Post by icr » Sat Oct 01, 2011 1:15 pm

I apologize for the mistake I made to my post earlier where I removed the intended malware programs(I am talking about that digitally signed ones) and instead reuploaded those SMS fraud programs(due to some error as said frame4-mdpro). I did that by mistake so I am going to upload now over again. Sorry for the mistake :oops: :oops:


A Suspicious Rogue Application (Digitally Signed)

B90722F666C0650E8DDF37C8580C4A67 http://www.virustotal.com/file-scan/rep ... 1317388462

98564BCE2D93D65171C72F3DB88767B4 http://www.virustotal.com/file-scan/rep ... 1317455897

8EF593E5B9A848AA89C407DD9AAE47A7 http://www.virustotal.com/file-scan/rep ... 1317393008

regards,
icr ;)
You do not have the required permissions to view the files attached to this post.
Last edited by icr on Sat Oct 01, 2011 5:52 pm, edited 2 times in total.

frame4-mdpro
Posts: 39
Joined: Wed Jul 13, 2011 1:53 am

Re: Fraud/Rouge software

Post by frame4-mdpro » Sat Oct 01, 2011 1:21 pm

icr wrote:SMS sending programs
Total 25 files
Original Size : 17,549,792 bytes
7z size : 1,510,135 bytes

regards,
icr ;)
Hi,

The archive gives an error - could you please check?

Thanks,
Anthony

User avatar
Striker
Posts: 52
Joined: Thu Mar 10, 2011 2:22 pm
Location: Germany
Contact:

Re: Fraud/Rouge software

Post by Striker » Sat Oct 01, 2011 11:41 pm

SMS Hoax - JDownloader

Target: jdownloader.exe
Packed with UPX
Size: 714 KB (Unpacked: 2,39 MB)

VT: http://www.virustotal.com/file-scan/rep ... 1317512024

Image
You do not have the required permissions to view the files attached to this post.
Я люблю старые времена.

Image

rough_spear
Posts: 163
Joined: Mon Oct 18, 2010 4:46 pm
Location: India

Re: Fraud/Rouge software

Post by rough_spear » Fri Oct 07, 2011 4:54 pm

SMS Hoax

File name - file15082.exe
VT Link - http://www.virustotal.com/file-scan/rep ... 1317981791


Regards,


rough_spear. ;)
You do not have the required permissions to view the files attached to this post.

rough_spear
Posts: 163
Joined: Mon Oct 18, 2010 4:46 pm
Location: India

System Restore

Post by rough_spear » Sun Oct 09, 2011 6:30 pm

System Restore

Hi, :D

Image


Dropper file - 531-01.exe
File size - 453 KB
VT Link - http://www.virustotal.com/file-scan/rep ... 1318117124

Dropped files - CA42.tmp
File Size - 300 KB
VT LInk - http://www.virustotal.com/file-scan/rep ... 1318183058

6DSS92c31Apgjk.exe
File Size - 342 KB
VT Link - http://www.virustotal.com/file-scan/rep ... 1318005298



Regards,


rough_spear. ;)
You do not have the required permissions to view the files attached to this post.
Last edited by EP_X0FF on Mon Oct 31, 2011 7:31 am, edited 1 time in total.
Reason: title edited, image moved to imageshack.us

rough_spear
Posts: 163
Joined: Mon Oct 18, 2010 4:46 pm
Location: India

Re: Fraud/Rouge software

Post by rough_spear » Sun Oct 09, 2011 7:15 pm

Hi,

SMS HOAX

File name - Utorrent-bonus.exe
File size - 2574 KB
web link - hxxp://sochaux.ru/Utorrent-bonus.exe
VT Link - http://www.virustotal.com/file-scan/rep ... 1318185036

Regards,


rough_spear.
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1659
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Fraud/Rouge software

Post by Xylitol » Mon Oct 10, 2011 7:38 am

Exposing Software Sellers (Fake OEM) ~ http://xylibox.blogspot.com/2011/10/tra ... llers.html

Image

List of keywords, banners as usual in attach...

Code: Select all

Shop Engine 1.2.4.1 (146 Mb):
http://dl.dropbox.com/u/14644039/SSse-1.2.4.1.zip
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1659
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Fraud/Rouge software

Post by Xylitol » Mon Oct 10, 2011 8:04 am

Exposing Books Sellers (Fake Ebooks) ~ http://xylibox.blogspot.com/2011/10/tra ... -fake.html
sister affiliate of Software Sellers.

Image

List of keywords, banners as usual in attach.

Code: Select all

BS Webmasters Engine 1.0.1.0.0 (8,83 Mb):
http://dl.dropbox.com/u/14644039/BSWE-light-1.0.1.0.0.zip

Site ID for http://localhost: d47fa0bc2bd78b2dcf9990a68696c06b
Site ID for http://localhost/BS: 7b0c9471d028a5c5a2eced53410cd830
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1659
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Fraud/Rouge software

Post by Xylitol » Sun Oct 16, 2011 10:11 am

Exposing Luxury Cash ~ http://xylibox.blogspot.com/2011/10/tra ... -cash.html
Replica Watches / Umbrella
And Vertu Cash ~ http://xylibox.blogspot.com/2011/10/tra ... vertu.html
Vertu/iphones replica

Keywords, banners and shops engine in attach.

Image

Image
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1659
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Fraud/Rouge software

Post by Xylitol » Thu Oct 27, 2011 10:54 am

Code: Select all

hxxp://mini-opera-6.in/
hxxp://mini-opera-6.in/files/opera_mini6.jar
Image
hxxp://mini-opera-6.in/offerta.html
Правила
Для получения доступа к контенту вы должны согласиться с условиями, представленными ниже.
Ниже представлен текст соглашения-оферты между сервисом OperaSoft и Абонентом.

1. Администрация сервиса OperaSoft не несет никакой ответственности за любой прямой или косвенный ущерб, возникший в результате использования приложения, включая упущенную прибыль и понесенные убытки.
2. При первом запуске приложений OperaSoft запрашивается разрешение на передачу регистрационных данных с использованием короткого номера.
3. Пользователь вправе отказать в передаче регистрационных данных. В таком случае приложения OperaSoft остаются не активированными.
4. Администрация OperaSoft не несет никакой ответственности за содержание приложений, доступ к которым оплачивается через приложение OperaSoft.
5. Для получения доступа, к предоставляемому сервисом OperaSoft контенту, необходимо произвести оплату: отправить три ПЛАТНЫХ смс сообщения со своего мобильного телефона.
6. Плата взымается не за саму программу, а за работу по поиску софта в интернете. Поддержка абонентов: 8 800 100-73-37 (звонок бесплатный) и hxxp://rates.planet3.ru/ext.aspx
7.Стоимость СМС для номеров :

33,53 руб с ндс- 4446
169,33 ру с ндс по 7496
120 руб сндс по 7495


Цены указаны с НДС для операторов Мегафон, Билайн, МТС.
Для получения услуги абонентам МТС требуется отправить одно смс сообщение.
opera_mini6.jar 17/43 >> 39.5%
http://www.virustotal.com/file-scan/rep ... 1319712031
You do not have the required permissions to view the files attached to this post.

Post Reply