Assistance request with Reveton removal demonstration

Forum for analysis and discussion about malware.
SonAmyFan362
Posts: 3
Joined: Wed Nov 21, 2018 11:56 pm

Post by SonAmyFan362 » Thu Nov 22, 2018 3:31 am

Hi. I am wondering if there are some Reveton samples I can use on a Virtual Machine?

The Operating System on my Virtual Machine is: Windows 7 Ultimate, 32 bit.

The reason why I am requesting this is because I want to try to see if there's a way to demonstrate the ransomware via video. I tried to run a Reveton sample, but the worst it did was basically put some files in the ProgramData directory, add some entries to the startup process in MSCONFIG, and prevent Task Manager from starting. I was able to counter it easily by switching users and terminating the rundll32.exe process.

Thanks in advance.

-SonAmyFan362.

Xylitol
Global Moderator
Posts: 1670
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society

Re: Assistance request with Reveton removal demonstration

Post by Xylitol » Fri Nov 23, 2018 5:04 am


Re: Assistance request with Reveton removal demonstration

Post by SonAmyFan362 » Fri Nov 23, 2018 8:37 pm

Xylitol wrote (Fri Nov 23, 2018 5:04 am):
Hi, search the forum http://www.kernelmode.info/forum/viewto ... =16&t=2213

Thanks. Out of curiosity, do any of these still run well? So far, the best result I got was this Internet Explorer window that covered the entire screen, and that goes to 87.255.73.11, obviously, to download certain resources. I'm not certain which site had those resources at the time, and, if that's been documented, I wonder if I can use the Wayback Machine to access the Lock Screen images?
