Search found 4 matches

by pyre08
Tue Jan 12, 2016 9:43 am
Forum: Malware
Topic: Another Ransomware as a Service
Replies: 2
Views: 5199

Re: Another Ransomware as a Service

@maddog4012

This is Encryptor RaaS which is older than ransom32. You can look for more details in this link: https://blog.fortinet.com/post/encrypto ... -the-block
by pyre08
Tue Aug 25, 2015 6:32 am
Forum: Malware
Topic: Win32/Zeus (alias Zbot)
Replies: 281
Views: 361388

Re: Win32/Zeus (alias Zbot)

Sphinx - new Zbot variant?

http://darkmatters.norsecorp.com/2015/0 ... ck-market/

Anyone encountered this?

Based on the article the ZBOT version is 1.0.0.0.
by pyre08
Wed Jun 10, 2015 2:04 am
Forum: Malware
Topic: TrojanSpy/Injector
Replies: 5
Views: 5703

Re: TrojanSpy/Injector

The sample is a new ZeusVM variant, the dropped file location has been changed, different API obfuscation method and minor bug fix to work on win8.

ZeusVM 2.0.b.0

Image
by pyre08
Tue May 12, 2015 3:54 am
Forum: Malware
Topic: Win32/Chthonic (Zeus + Andromeda combined)
Replies: 9
Views: 15770

Re: Win32/Chthonic (Zeus + Andromeda combined)

Do we have sample/dump from Stage 2 Loader or the Main Module of Chthonic?