A forum for reverse engineering, OS internals and malware analysis 

Search found 6 matches

 Go to advanced search

Re: Linux/Chalubo

 by r3dbU7z ¦  Wed Nov 21, 2018 4:38 pm ¦  Forum: Malware ¦  Topic: Linux/Chalubo ¦  Replies: 2 ¦  Views: 1219

One more similar sample.

https://www.virustotal.com/en/file/0779 ... /analysis/

PS/ Please, ban me on this forum, otherwise I will have the opportunity to continue this spam

Re: Linux/Chalubo

 by r3dbU7z ¦  Wed Oct 24, 2018 2:37 pm ¦  Forum: Malware ¦  Topic: Linux/Chalubo ¦  Replies: 2 ¦  Views: 1219

Maybe it will be interesting to someone...

https://www.virustotal.com/en/file/8fbd ... /analysis/

Re: Linux/Bash0day alias Shellshock alias Bashdoor

 by r3dbU7z ¦  Fri Oct 16, 2015 3:37 am ¦  Forum: Malware ¦  Topic: Linux/Bash0day alias Shellshock alias Bashdoor ¦  Replies: 42 ¦  Views: 128227

Malware. Malware never changes. https://www.virustotal.com/ru/file/07ee57d1188081594275f66de594899d05202abdce96e864397b239126273421/analysis/ 9424e71e89434982f44698d94d527418 i686 aa5f1761d64a8463ace8e6546847d28a mips 724fa79e113968ae38867063aa32e28b mipsel ca9ff0080317d11d3eae42992e3e8c8f ppc 646a5...

Re: Linux/PNScan

 by r3dbU7z ¦  Mon Sep 28, 2015 9:30 pm ¦  Forum: Malware ¦  Topic: Linux/PNScan ¦  Replies: 27 ¦  Views: 36097

I will dare to add a few the information on the given theme. The matter is that the first sample pnscan2 daemon.armv4l.mod has been loaded by me on virustotal.com and the sample in drweb has been simultaneously sent. 28 Jul 2015 me the letter from drweb has come that the sample has received name PNS...

Re: Linux.Kluh

 by r3dbU7z ¦  Sat Sep 19, 2015 8:08 pm ¦  Forum: Malware ¦  Topic: Linux.Kluh ¦  Replies: 5 ¦  Views: 7369

unixfreaxjp wrote:I can't fetch the sample since it looks down, would you please kindly share us in the attacment with usual passworded archive?
It's my fail. I'm sorry.

Re: Linux.Kluh

 by r3dbU7z ¦  Thu Sep 17, 2015 12:01 am ¦  Forum: Malware ¦  Topic: Linux.Kluh ¦  Replies: 5 ¦  Views: 7369

H! a11
Probably this information is useful to someone (I hope)

HFS h00p://23.251.57.95:655