https://virustotal.com/ru/file/027cc450 ... /analysis/
https://virustotal.com/ru/file/e5c643f1 ... /analysis/
Petya malware
-
- Posts: 24
- Joined: Fri Mar 19, 2010 8:16 pm
Ransomware.Petya
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1
- Joined: Tue Nov 17, 2015 11:57 pm
Re: Petya malware
Is this the one that struck out yesterday that infected computers via Network?
- maddog4012
- Posts: 57
- Joined: Mon Aug 04, 2014 6:53 pm
Re: Petya malware
yes it isDamian9303 wrote:Is this the one that struck out yesterday that infected computers via Network?

-
- Posts: 1
- Joined: Wed Jun 28, 2017 11:02 am
Re: Petya malware
At the risk of sounding like a complete idiot, I was unable to execute the sample.maddog4012 wrote:yes it isDamian9303 wrote:Is this the one that struck out yesterday that infected computers via Network?
Am I missing something?
-
- Posts: 25
- Joined: Mon Aug 01, 2016 9:49 am
Re: Petya malware
The sample provided by the original comment is an older sample, the new one doesn't have the skull and crossbones. Attached is the sample that struck out hitting lots of companies over the past few days.
Use the command line to execute:
You should also know that it schedules a shutdown /sleeps for about an hour after infection so you have to wait a while but once you boot up after shutdown it should take you to a screen like this:

then shortly after this:

Use the command line to execute:
Code: Select all
rundll32.exe 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745_98STJd8lju.dll, #1

then shortly after this:

You do not have the required permissions to view the files attached to this post.
Peya / NotPeya / WannaCry sample
Peya:e8fb95ebb7e0db4c68a32947a74b5ff9
NotPeya:71b6a493388e7d0b40c83ce903bc6b04
WanaCry:db349b97c37d22f5ea1d1841e3c89eb4
Contribute to all those who share the malware samples so generously before!
NotPeya:71b6a493388e7d0b40c83ce903bc6b04
WanaCry:db349b97c37d22f5ea1d1841e3c89eb4
Contribute to all those who share the malware samples so generously before!
You do not have the required permissions to view the files attached to this post.
- Xylitol
- Global Moderator
- Posts: 1652
- Joined: Sat Apr 10, 2010 5:54 pm
- Location: Seireitei, Soul Society
- Contact:
Re: Petya malware
Ukrainian man Sergey Neverov arrested for spreading Petya ~ https://cyberpolice.gov.ua/news/kiberpo ... tyaa-6185/