A forum for reverse engineering, OS internals and malware analysis 

Search found 10 matches


Re: Adware.CsdiMonetize

 by g00dv1n ¦  Mon Jan 16, 2017 1:14 pm ¦  Forum: Completed Malware Requests ¦  Topic: Adware.CsdiMonetize ¦  Replies: 2 ¦  Views: 4386

THANKS!

nice to have VT private key :)

Adware.CsdiMonetize

 by g00dv1n ¦  Mon Jan 16, 2017 10:16 am ¦  Forum: Completed Malware Requests ¦  Topic: Adware.CsdiMonetize ¦  Replies: 2 ¦  Views: 4386

Re: Win32/Cerber

 by g00dv1n ¦  Thu Dec 08, 2016 11:13 am ¦  Forum: Malware ¦  Topic: Win32/Cerber ¦  Replies: 76 ¦  Views: 164437

Re: Looking for PrincessLocker sample

 by g00dv1n ¦  Wed Nov 23, 2016 8:44 am ¦  Forum: Completed Malware Requests ¦  Topic: Looking for PrincessLocker sample ¦  Replies: 2 ¦  Views: 5016

Thanks!!!

Looking for PrincessLocker sample

 by g00dv1n ¦  Tue Nov 22, 2016 9:29 am ¦  Forum: Completed Malware Requests ¦  Topic: Looking for PrincessLocker sample ¦  Replies: 2 ¦  Views: 5016

Hello,
I am looking for a sample of PrincessLocker Ransomware.
https://blog.malwarebytes.com/threat-an ... ansomware/

List of actual Ransomware

 by g00dv1n ¦  Wed Nov 02, 2016 4:58 pm ¦  Forum: Newbie Questions ¦  Topic: List of actual Ransomware ¦  Replies: 3 ¦  Views: 8458

Hi,
I've been developing a site like www.nomoreransom.org, where users can comment on some lockers. (Get info about decryption or not)

Could you give me a list of actual lockers? Cerber, Locky ... etc.

Re: Win32/Cerber

 by g00dv1n ¦  Thu Jul 21, 2016 1:15 pm ¦  Forum: Malware ¦  Topic: Win32/Cerber ¦  Replies: 76 ¦  Views: 164437

https://www.virustotal.com/en/file/2020 ... 469106703/

from:
hxxp://jengosupport.tw/merde.png

Re: Locky ransomware

 by g00dv1n ¦  Wed Jul 20, 2016 11:05 am ¦  Forum: Malware ¦  Topic: Locky ransomware ¦  Replies: 142 ¦  Views: 203177

https://www.virustotal.com/en/file/8f32 ... /analysis/

Locky. Very low detection ratio...

from:
zuerich-gewerbe.ch/mbv58gbv
plantengineer.biz/mbv58gbv
australiandietitian.com/mbv58gbv
iceskochi.org/mbv58gbv

Re: CryptXXX Ransomware

 by g00dv1n ¦  Fri Jul 15, 2016 7:14 am ¦  Forum: Malware ¦  Topic: CryptXXX Ransomware ¦  Replies: 6 ¦  Views: 11238

xors wrote:
g00dv1n wrote: New sample
In the attachment
Could you describe your strategy for unpacking it?

I looked at the sample in Olly but I found only trash jumps and ReleaseMutex functions.

Thanks.

Re: CryptXXX Ransomware

 by g00dv1n ¦  Thu Jul 14, 2016 3:20 pm ¦  Forum: Malware ¦  Topic: CryptXXX Ransomware ¦  Replies: 6 ¦  Views: 11238

New sample