Malware collection

Forum for analysis and discussion about malware.

Re: Malware collection

Post by Antelox » Wed May 03, 2017 1:00 pm



Looks like a corrupted NSIS archive...

BR,

Antelox
Antelox
 
Posts: 109
Joined: Sun Mar 21, 2010 10:38 pm
Reputation point: 85

Re: Malware collection

Post by ikolor » Wed May 03, 2017 2:31 pm

ikolor
 
Posts: 242
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland
Reputation point: 16

Re: Malware collection

Post by xors » Wed May 03, 2017 4:01 pm

@xorsthings
xors
 
Posts: 132
Joined: Mon May 23, 2016 2:01 am
Location: Greece
Reputation point: 63

Re: Malware collection

Post by ikolor » Wed May 03, 2017 4:06 pm

ikolor
 
Posts: 242
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland
Reputation point: 16

Re: Malware collection

Post by xors » Wed May 03, 2017 6:50 pm

@xorsthings
xors
 
Posts: 132
Joined: Mon May 23, 2016 2:01 am
Location: Greece
Reputation point: 63

Re: Malware collection

Post by Antelox » Thu May 04, 2017 6:50 am

Antelox
 
Posts: 109
Joined: Sun Mar 21, 2010 10:38 pm
Reputation point: 85

Re: Malware collection

Post by ikolor » Thu May 04, 2017 1:57 pm

ikolor
 
Posts: 242
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland
Reputation point: 16

Re: Malware collection

Post by Antelox » Thu May 04, 2017 4:01 pm



This is vjw0rm.

C2:
http://majcc.pdns.cz:1512/Vre


Request sent with the following UA:
User-Agent: PLAY3_24C2B6A0\XT3X8xZjeP\16GxC1L\Microsoft Windows 7 Home Premium \undefined\\YES\TRUE\


BR,

Antelox
Antelox
 
Posts: 109
Joined: Sun Mar 21, 2010 10:38 pm
Reputation point: 85

Re: Malware collection

Post by markusg » Fri May 05, 2017 3:08 pm

Perhaps some sort of backdoor
SHA256:
d54f87249787de6cd5f3b3048b1d4bc1c34cfab1f3334ae8f9d869a0090a9a29  
https://virustotal.com/de/file/1881f373 ... /analysis/
markusg
 
Posts: 713
Joined: Mon Mar 15, 2010 2:53 pm
Reputation point: 141

Re: Malware collection

Post by ikolor » Sat May 06, 2017 8:36 am

ikolor
 
Posts: 242
Joined: Thu Jun 05, 2014 2:20 pm
Location: Poland
Reputation point: 16
