I'm interested in files of the old worm called "Niqtana" for OSX. Google doesn't help :/
As far as I understand it consists of several files? If so, it would be nice to get a full pack.
4.The malware will generate the key by creating a buffer with a size of 256 that contains [0-0x100] (like buffer=0 buffer = 1 etc) and swapping the value based on MAC Address. (I can't explain it well, english is not my native language. can someone explain this? hehe) It's initialization of R...
K_Mikhail wrote:be9d1a4dc0755a8cb16fd441c49e3231207600a6 ( - (probably, will be Linux.Encoder.8 in some future) || HEUR:Trojan-Ransom.Linux.Cryptor.g || Linux/Filecoder.J (due to response from ESET Malware Response Team))It's not a trojan. It's a task from CTF.
You can read topics of this forum regarding different linux malware families. The list of topics: http://www.kernelmode.info/forum/viewto ... =16&t=3471
>But I don't see file where was call """Apache ""
huh? The link you provided has compiled binaries of downloaders and sources for downloader and mirai itself. Where you saw file called "apache" ?
Okey, then it's just blocking requests from my ip. :) >What hacker doing with this source .Insert in infected server.???????? A hacker would need to compile these sources into binary file before distributing it. Of course, one may want to distribute it in source and compile it on thte target device,...