Shamoon - Trojan.Ismdoor / Greenbug

Forum for analysis and discussion about malware.
Post Reply
waffles2.0
Posts: 25
Joined: Mon Aug 01, 2016 9:49 am

Shamoon - Trojan.Ismdoor / Greenbug

Post by waffles2.0 » Thu Jan 26, 2017 10:30 am

Recently Symantec published this regarding Shamoon/Disttrack: https://www.symantec.com/connect/blogs/ ... ks-shamoon

I am looking for a copy of a recent version of Shamoon and the RAT they talk about in this article.

Thanks for the help.


User avatar
maddog4012
Posts: 57
Joined: Mon Aug 04, 2014 6:53 pm

Re: Shamoon - Trojan.Ismdoor / Greenbug

Post by maddog4012 » Thu Jan 26, 2017 7:32 pm

You do not have the required permissions to view the files attached to this post.

Sophos
Posts: 0
Joined: Wed Feb 01, 2017 11:47 pm

Re: Shamoon - Trojan.Ismdoor / Greenbug

Post by Sophos » Fri Feb 03, 2017 2:10 am

i downloaded samples but it doesn't work in windows 7 32bit do i need to change date to let it work ?

Regards

User avatar
EP_X0FF
Global Moderator
Posts: 4775
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Shamoon - Trojan.Ismdoor / Greenbug

Post by EP_X0FF » Fri Feb 03, 2017 4:37 am

If you ask for samples, we assume you know how to use them (or at least how to make them work in a test environment).

http://www.kernelmode.info/forum/viewto ... =20&t=1950
Ring0 - the source of inspiration

tildedennis
Posts: 32
Joined: Mon Jun 17, 2013 7:57 pm

Re: Shamoon - Trojan.Ismdoor / Greenbug

Post by tildedennis » Mon May 08, 2017 1:10 pm

The latest Ismdoor samples (attached) have switched to a DNS C2 mechanism:

https://www.arbornetworks.com/blog/aser ... -dns-isms/
You do not have the required permissions to view the files attached to this post.

Post Reply