Malware collection

Forum for analysis and discussion about malware.

Re: Malware collection

Post by ikolor » Thu Dec 14, 2017 7:20 pm


Re: Malware collection

Post by ikolor » Fri Jan 05, 2018 8:41 pm


Re: Malware collection

Post by ikolor » Sun Jan 07, 2018 2:17 pm


Re: Malware collection

Post by Fedor22 » Fri Jan 12, 2018 4:50 pm

Blast Button Downloader (Application.Bundler.Dlhelper.120)
VT: https://www.virustotal.com/en/file/dda4 ... /analysis/

Re: Malware collection

Post by Antelox » Mon Jan 15, 2018 9:11 am



The file with SHA256: 3a529002374cd6e62940828e92b4745798f779c6a819c8d75ab3e76ef59641e8 is a zip file containing AZORult malware.

BR,

Antelox

Re: Malware collection

Post by Fedor22 » Mon Jan 15, 2018 3:17 pm

Roller Coaster Tycoon 2 Crack. It's a Trojan.Agent.CNOZ.
VT: https://www.virustotal.com/ru/file/6851 ... /analysis/

Re: Malware collection

Post by ikolor » Tue Jan 16, 2018 4:47 pm


Re: Malware collection

Post by Antelox » Tue Jan 16, 2018 5:50 pm


Re: Malware collection

Post by Fedor22 » Tue Jan 16, 2018 7:35 pm

4 samples of "NIX Video Player" (Win32/InstallCore)
These samples were taken from 4 Russian scum websites:
xxxx://wq.underfongaafui.download/16111 ... 7qjl/3799#
xxxx://ydlqn.soogiedsoafm.download/1611 ... 4y9/dy5js#
xxxx://f.underfongaafui.download/16119/ ... e/794vw4d#
xxxx://pks03.buncezmnwyxadv.download/16 ... 8/pkoy61r# (all websites worked)
When you visit one of these sites, a warning is displayed:
"Please install NIX Video Player to continue".
VT: https://www.virustotal.com/en/file/4e19 ... 516130791/ (Nix_Player_3435892897, 5/66)
https://www.virustotal.com/en/file/d117 ... /analysis/ (Nix Player, 17/67)
Nix_Player_0729469623 (5/66)
Nix_Player_1655606335 (5/66)

Re: Malware collection

Post by Fedor22 » Sat Jan 20, 2018 4:04 pm

08-07-Homer (I think it's a banker or spyware, but I do not know exactly what it is).
Installed: HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run <- <appdata>\\Local\\<08-07-homer.exe>
Sample taken from this website:
xxxx://eiainteriors.com/wp-content/plug ... -homer.exe
VT: https://www.virustotal.com/en/file/e36a ... /analysis/
HA: https://www.hybrid-analysis.com/sample/ ... mentId=100
