Search found 163 matches
- Thu Nov 08, 2018 5:29 pm
- Forum: General Discussion
- Topic: VBOX Sandbox Escape - Guest to Host
- Replies: 1
- Views: 1208
Hi All! I haven't tested this myself yet, but it seems that someone has found a bug that allows escaping VBOX from guest to host. Here is a link to the full writeup. There is code in there, but it's not ready-made for people to just go and use, as the code is within the writeup: https://github.com/Mo...
- Thu Aug 10, 2017 11:45 pm
- Forum: Completed Malware Requests
- Topic: BKDR_OWAUTH.A - Bronze Union
- Replies: 1
- Views: 3988
Associated with https://www.secureworks.com/blog/chinese-threat-group-targeted-turkish-organizations Can you please upload samples of below? https://virustotal.com/en/file/0e823a5b64ee761b70315548d484b5b9c4b61968b5068f9a8687c612ddbfeb80/analysis/ cd5aaa37ee165071f914ceec8fd09e0f https://virustotal....
Thank you a lot. https://www.virustotal.com/en/file/1291d86163aba76ad8d38665f405eb314234aa23463f2008b9afaca3252da588/analysis/1501258949/ Downloads GlobeImposter ransomware from: hxxp://rghuston.com/gxrdcca/ https://www.virustotal.com/en/file/2c42d67534ccb9c418adbe4a0a6d237d7cb8598775d2d5efe22960...
https://www.virustotal.com/en/file/c4600108d457504ad84493dde0c63d811d01d4c913ae2a62c61dc5e6cf890545/analysis/ That is called 'RevengeRAT' this.ID = "SGFja2VkIEJ5IEhhbGxhag=="; ID string says 'Hacked By Hallaj' It gets the payload from pastebin: hxxps://pastebin.com/raw/UCXsTaZ8 then loads it using ...
https://www.virustotal.com/en/file/f559c9e3f2f90e1037fb13486bf815fb42553975232ddfee87b9b72c89fbadb8/analysis/1499619085/ This one is MacKeeper. It is a PUP for macOS; it's not necessarily malware, but it is also not very useful. https://www.virustotal.com/en/file/a92058800cb534d9ce94f6e046346de5526...
- Sun Jul 09, 2017 7:18 am
- Forum: Malware
- Topic: looking for malware from Antivirus Hacker's Handbook
- Replies: 3
- Views: 6930
attached SHA1: 88b6a40a8aa0b8a6d515722d9801f8fb7d332482; MD5: 066c50f26a67619caae5816f96eae52d
Virus total link: https://www.virustotal.com/en/file/05d4 ... /analysis/
The second one is FlyStudio malware with SHA1 hash 405950e1d93073134bce2660a70b5ec0cfb39eab
thiviyan wrote: anyone here can decrypt cerber locker files? PM me if anyone can..
It is not possible without the key. The key is on their server. You have 2 options:
1. Restore your files from a backup
2. Pay the ransom and hope they follow through with a decrypter that works for you
I came across this post on Reddit today, looks like someone has a new Ransomware As A Service up and running. Original Thread: https://www.reddit.com/r/Malware/comments/3err9u/a_new_toxlike_ransomware/ Generate Encryptor: hxxp://encryptor3awk6px.onion/ Get Decrypter: hxxp://decryptoraveidf7.onion/ T...