Page 1 of 1

Trojan-Spy.Win32.TeleBot.a

Posted: Tue Feb 13, 2018 7:39 pm
by Xylitol
Zero-day vulnerability in Telegram ~ https://securelist.com/zero-day-vulnera ... ram/83800/
Telegram 0-Day Used to Spread Monero and Zcash Mining Malware ~ https://www.bleepingcomputer.com/news/s ... g-malware/
Telegram Founder: Crypto Mining Malware Attack Isn't Due to App Flaw ~ https://t.me/durov/71
¯\_(ツ)_/¯ ~ https://twitter.com/codelancer/status/9 ... 1019179008

Downloader: https://www.virustotal.com/en/file/f775 ... 518549189/

Code: Select all

public static string Token = "349810543:AAHThGGPckBg6prpAvENzmecI2DPaj31D5Q";

Re: Trojan-Spy.Win32.TeleBot.a

Posted: Tue Feb 20, 2018 1:21 am
by p1nk
Damn. The author really wanted to make sure they have coverage for all systems:

Code: Select all

if (platform == PlatformID.Win32NT)
							{
								byte wProductType = oSVERSIONINFOEX.wProductType;
								switch (major)
								{
								case 3:
									text = "Windows NT 3.51";
									break;
								case 4:
								{