Search found 4 matches

by pyre08
Tue Jan 12, 2016 9:43 am
Forum: Malware
Topic: Another Ransomware as a Service
Replies: 2
Views: 5199

Re: Another Ransomware as a Service


This is Encryptor RaaS which is older than ransom32. You can look for more details in this link: ... -the-block
by pyre08
Tue Aug 25, 2015 6:32 am
Forum: Malware
Topic: Win32/Zeus (alias Zbot)
Replies: 281
Views: 361388

Re: Win32/Zeus (alias Zbot)

Sphinx - new Zbot variant? ... ck-market/

Anyone encountered this?

Based on the article the ZBOT version is
by pyre08
Wed Jun 10, 2015 2:04 am
Forum: Malware
Topic: TrojanSpy/Injector
Replies: 5
Views: 5703

Re: TrojanSpy/Injector

The sample is a new ZeusVM variant, the dropped file location has been changed, different API obfuscation method and minor bug fix to work on win8.

ZeusVM 2.0.b.0

by pyre08
Tue May 12, 2015 3:54 am
Forum: Malware
Topic: Win32/Chthonic (Zeus + Andromeda combined)
Replies: 9
Views: 15770

Re: Win32/Chthonic (Zeus + Andromeda combined)

Do we have sample/dump from Stage 2 Loader or the Main Module of Chthonic?