VBS/Dunihi (alias Jenxcus)

ikolor
Posts: 322
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

VBS/Dunihi (alias Jenxcus)

Post by ikolor » Fri May 27, 2016 8:02 pm

EP_X0FF
Global Moderator
Posts: 4873
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation

Re: Malware collection

Post by EP_X0FF » Sun Oct 16, 2016 10:46 am

This is VBS worm Dunihi.

The 2nd obfuscation stage and the actual VBS worm script are attached as txt files. Posts moved.

https://www.virustotal.com/en/file/2959 ... 476614487/
Ring0 - the source of inspiration

markusg
Posts: 734
Joined: Mon Mar 15, 2010 2:53 pm

Re: Malware collection

Post by markusg » Sat Feb 03, 2018 9:16 am

vb dropper

SHA-256
02047e45a38b97cb46c0944d3639aa8e9a3e22e77532315ecb436fbf8fc54705
File name
Production_server_specifications.docx.vbs

https://www.virustotal.com/#/file/02047 ... /detection

Antelox
Posts: 256
Joined: Sun Mar 21, 2010 10:38 pm

Re: Malware collection

Post by Antelox » Sat Feb 03, 2018 3:25 pm

markusg wrote: vb dropper

SHA-256
02047e45a38b97cb46c0944d3639aa8e9a3e22e77532315ecb436fbf8fc54705
File name
Production_server_specifications.docx.vbs

https://www.virustotal.com/#/file/02047 ... /detection
VBS.Dunihi

C2: hxxp://185.82.203.194:8080/is-ready

More info: https://www.aldeid.com/wiki/1e7700b9e14 ... affb1bd049

BR,

Antelox

ikolor
Posts: 322
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland

Re: Malware collection

Post by ikolor » Wed Nov 14, 2018 3:52 pm


Antelox
Posts: 256
Joined: Sun Mar 21, 2010 10:38 pm

Re: Malware collection

Post by Antelox » Thu Nov 15, 2018 5:01 pm

VBS Dunihi Worm

C2: audreysaradin.no-ip.org

BR,

Antelox
