Net-Traveler

Forum for analysis and discussion about malware.
Post Reply
dumb110
Posts: 111
Joined: Tue Jun 05, 2012 1:29 pm

Net-Traveler

Post by dumb110 » Thu Jun 06, 2013 8:13 am

29a420e52b56bfadf9f0701318524bef
6eb5932b0ed20f11f1a887bcfbdde10f
b600089a93275fa93558695b707b87ad
917e36946c67414a988f6878d9d0cdfe
36ed86602661bb3a7a55e69fde90ee73
059a7482efee3b2abf67c12d210cb2f7
151e5d1bb8142835633cfd398e2e0ca3
63494c74db9bfc2bba3983698c952de9
f4f14d4a1e34f62eeb9a90b5c8b2cfc1
e5954b8204eb321d20bed4a86b3cef34
0e2b10015fe52b7ea77a213f0c330557

http://www.securelist.com/en/downloads/ ... -final.pdf

User avatar
Squirl
Posts: 15
Joined: Sun Apr 03, 2011 11:48 pm

Re: Net-Traveler

Post by Squirl » Thu Jun 06, 2013 8:53 am

151e5d1bb8142835633cfd398e2e0ca3 attached
You do not have the required permissions to view the files attached to this post.

User avatar
NoSense
Posts: 11
Joined: Fri Dec 28, 2012 11:38 am

NetTraveler other samples

Post by NoSense » Sat Feb 08, 2014 12:31 am

Hi community,
I've lurked a lot in this forum and I've been able to contribute only a few times, sorry for that..

This is my first sample request and is a request about a sample that have been already requested in late june 2013 and got a sample, unfortunately only one of them.
Here is the old thread: http://www.kernelmode.info/forum/viewto ... ler#p19562
29a420e52b56bfadf9f0701318524bef
6eb5932b0ed20f11f1a887bcfbdde10f
b600089a93275fa93558695b707b87ad
917e36946c67414a988f6878d9d0cdfe
36ed86602661bb3a7a55e69fde90ee73
059a7482efee3b2abf67c12d210cb2f7
151e5d1bb8142835633cfd398e2e0ca3
63494c74db9bfc2bba3983698c952de9
f4f14d4a1e34f62eeb9a90b5c8b2cfc1
e5954b8204eb321d20bed4a86b3cef34
0e2b10015fe52b7ea77a213f0c330557

http://www.securelist.com/en/downloads/ ... -final.pdf
Also I'm wondering if someone has the sample of the new one:
http://www.kaspersky.com/about/news/vir ... new_tricks

TAGS (to make it easy for future lurkers to find this topic): NetTraveler, Net-Traveler, TravNet.

User avatar
Xylitol
Global Moderator
Posts: 1671
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Net-Traveler

Post by Xylitol » Sat Feb 08, 2014 1:33 am

everything in attachement.
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1671
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: NetTraveler other samples

Post by Xylitol » Sat Feb 08, 2014 1:41 am

If you have some hash i can help probably, resolved the other missing samples.

User avatar
NoSense
Posts: 11
Joined: Fri Dec 28, 2012 11:38 am

Re: NetTraveler other samples

Post by NoSense » Sat Feb 08, 2014 3:02 pm

Xylitol wrote:If you have some hash i can help probably, resolved the other missing samples.
My bad, here are the 2 hashes:

c263b4a505d8dd11ef9d392372767633
15e8a1c4d5021e76f933cb1bc895b9c2

CVEs:
CVE-2013-2465
CVE-2012-0158

Source:
https://www.securelist.com/en/blog/2082 ... New_Tricks

Thank you for the other samples Xylitol!

User avatar
Xylitol
Global Moderator
Posts: 1671
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: NetTraveler other samples

Post by Xylitol » Sat Feb 08, 2014 3:34 pm

Can't get c263b4a505d8dd11ef9d392372767633 :/
You do not have the required permissions to view the files attached to this post.

User avatar
NoSense
Posts: 11
Joined: Fri Dec 28, 2012 11:38 am

Re: NetTraveler other samples

Post by NoSense » Thu Feb 13, 2014 3:06 pm

new hashes:
fc3162106c51a49edbc306d6d7b3a630
247e7ec7fab0c1c384d6845ffd6d3d76
1ea1daf6afdfbb5486ff148f6766467a
eefad41c8375ec69db3404b9824aa66b
553d9bd73a784b11aa513d5d8a53ba5f
ab4405117858872c895e04db08660b65
367243ab8c37bc1fc5ad1e53a401ddc8
73808b0627eb6983908235bca9ac3d5b
2086ac5333af04f0ced15ac32378f01d

source:
http://cryptam.com/docsearch.php?sha256 ... df9658dcf7

User avatar
Xylitol
Global Moderator
Posts: 1671
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: NetTraveler other samples

Post by Xylitol » Sat Feb 22, 2014 11:43 pm

You do not have the required permissions to view the files attached to this post.

Post Reply