A forum for reverse engineering, OS internals and malware analysis 

Search found 42 matches


Re: Microsoft Neutralizes Kelihos Botnet

 by fatdcuk ¦  Sun Apr 01, 2012 1:15 pm ¦  Forum: Malware ¦  Topic: Microsoft Neutralizes Kelihos Botnet ¦  Replies: 12 ¦  Views: 9715

C= Medhos ??

Re: Trojan.Tracur

 by fatdcuk ¦  Tue Sep 27, 2011 12:50 pm ¦  Forum: Malware ¦  Topic: Trojan.Tracur ¦  Replies: 4 ¦  Views: 4830

Looks like they are now using Facebook to search out new installs. Updated and modified install >> no P2P component + new install patterns away from %SYSDIR% and specific to existing application folders. Dropper http://www.virustotal.com/file-scan/report.html?id=85bed9e488898df1b05e2be9a11adb2d9ffc947b97...

Rloader.A Virscan 4/37

 by fatdcuk ¦  Fri Aug 05, 2011 6:47 pm ¦  Forum: Malware ¦  Topic: WinNT/Simda ¦  Replies: 43 ¦  Views: 57382

FakeAlert/downloader that loves a system driver. http://r.virscan.org/62cad9d89302a118801480cc205666fc VirSCAN.org Scanned Report : Scanned time : 2011/08/06 02:41:35 (CST) Scanner results: 24% Scanner(s) (9/37) found malware! File Name : fix_pack107i_231.exe File Size : 302080 byte File Type : PE32...

Misc critter Gen/Heur detections VT 8/43

 by fatdcuk ¦  Thu Jul 28, 2011 9:29 pm ¦  Forum: Malware ¦  Topic: Malware/AutoIt ¦  Replies: 9 ¦  Views: 6256

Nothing special, just weird; these types of pages have been about for a while now and not many vendors tracking them, it would seem.. Java loader start http://leechpro.tk/ Payload http://dl.dropbox.com/u/27300888/update.exe http://www.virustotal.com/file-scan/report.html?id=e4518f9f166d29230d46772c53e753550...

(P2P) Trojan VT 2 Heur /41+ 1 Heur/41

 by fatdcuk ¦  Fri Apr 22, 2011 12:47 pm ¦  Forum: Malware ¦  Topic: Win32/Vundo ¦  Replies: 7 ¦  Views: 6810

Another day and papas found another new bag floated in P2P land :D http://www.virustotal.com/file-scan/report.html?id=2b985218e64a6f6907ac8733ebbfd81a8fb3e3ac2259dd830e4b138be200262e-1303475625 http://www.virustotal.com/file-scan/report.html?id=16f09919fb228d5ed497b802b3569adfffea6e3d36ecce8338ecbd6...

Re: P2P spammed Trojan(s) very poor detection by AntiVirus

 by fatdcuk ¦  Wed Apr 06, 2011 4:48 pm ¦  Forum: Malware ¦  Topic: Win32/Vundo ¦  Replies: 7 ¦  Views: 6810

Updated again...

http://www.virustotal.com/file-scan/rep ... 1302107684

Still no cure for AV lamerz :x

Re: Virus hides all files/folders on system.

 by fatdcuk ¦  Wed Mar 30, 2011 5:40 pm ¦  Forum: Malware ¦  Topic: Virus hides all files/folders on system. ¦  Replies: 10 ¦  Views: 12857

LOL not a virus.

Trojan.FakeAlert fallout

"Windows blah-blah" < insert tech sounding words for the flavour of that day ;)

Re: Improvement

 by fatdcuk ¦  Tue Mar 29, 2011 3:16 pm ¦  Forum: General Discussion ¦  Topic: Improvement ¦  Replies: 6 ¦  Views: 4818

What are some things that the anti-virus companies could do to improve detection? Improving protection is mission critical but already touched upon in this topic. Time to soapbox about detection... I have come to the conclusion that most of the commercial companies have more people working in their...

Re: Malware/NSIS downloaders

 by fatdcuk ¦  Tue Mar 29, 2011 1:29 pm ¦  Forum: Malware ¦  Topic: Malware/NSIS downloaders ¦  Replies: 35 ¦  Views: 31631

Your original suspicions were on the money :)

Attached is MZ harvest>>> Usual suspects.

Re: Malware/NSIS downloaders

 by fatdcuk ¦  Tue Mar 29, 2011 12:54 pm ¦  Forum: Malware ¦  Topic: Malware/NSIS downloaders ¦  Replies: 35 ¦  Views: 31631

EP_X0FF wrote:
hxxp://qvc.com/cgen/cdi.jpg
hxxp://qvc.com/qvcapp/icsx.jpg
hxxp://qvc.com/cgen/bch.jpg
hxxp://qvc.com/qvcapp/ehds.jpg

unavailable for me.
Catch :)