A forum for reverse engineering, OS internals and malware analysis 

Search found 36 matches


Re: Win32/Cerber

 by EX! ¦  Thu Jan 26, 2017 3:45 pm ¦  Forum: Malware ¦  Topic: Win32/Cerber ¦  Replies: 76 ¦  Views: 164461

#Cerber.

https://www.virustotal.com/es/file/f4de ... 485445458/


SHA256: f4dee521502a89bcb0dbce3d894692ca9a37a3578759589d31e6fb5f154f2e7b
Name: 1
Detections: 9 / 56

Downloader -> hxxp://finestololoki.top/search.php

Re: Win32/Dyzap (Dyre)

 by EX! ¦  Sun Jul 27, 2014 12:38 am ¦  Forum: Malware ¦  Topic: Win32/Dyzap (Dyre) ¦  Replies: 26 ¦  Views: 44484

https://www.virustotal.com/es/file/10745182ac1b738e4a363166f650069d16b81873b3bbb1990e7d07cb652495e8/analysis/

00402385 PUSH dump1.00403298 ASCII "I'm DYRE!"
0040238C PUSH dump1.004032A4 ASCII "Shit happens :)"
004023C1 PUSH dump1.004031C0 UNICODE "Roaming"
004023D1 PUSH dump1.004031D0 UNICODE "Local...

Re: Citadel (Zeus clone)

 by EX! ¦  Thu Nov 14, 2013 4:01 pm ¦  Forum: Malware ¦  Topic: Citadel (Zeus clone) ¦  Replies: 197 ¦  Views: 398288

Citadel.

Target:
#*wellsfargo.com/*
@*payment.com/*
*facebook.com/*

Gate:
hxxp://newsamplesproduct.com/css/styles/4/2/3/2/2/3/a/s/d/f/doc/gate.php
hxxp://newsamplesproduct.com/css/styles/4/2/3/2/2/3/a/s/d/f/doc/file.php|file=soft.exe#N
hxxp://newsamplesproduct.com/css/styles/4/2/3/2/2/3/a/s/d/f/doc/...

Re: Win32/Zeus (alias Zbot)

 by EX! ¦  Mon Nov 11, 2013 2:12 pm ¦  Forum: Malware ¦  Topic: Win32/Zeus (alias Zbot) ¦  Replies: 281 ¦  Views: 363684

Re: CyberGate RAT

 by EX! ¦  Fri Oct 04, 2013 9:52 pm ¦  Forum: Malware ¦  Topic: CyberGate RAT ¦  Replies: 6 ¦  Views: 5416

hmm...seems that the sample is xtreme rat.

Re: CyberGate RAT

 by EX! ¦  Thu Oct 03, 2013 4:41 pm ¦  Forum: Malware ¦  Topic: CyberGate RAT ¦  Replies: 6 ¦  Views: 5416

Hello! I think it's Cybergate, but it is very similar to XtremeRat. What do you think? Bye!

VT: https://www.virustotal.com/es-ar/file/ada89207c999fe66f7e480ea238132b3a5b075d9b351e9b8e889b5fcbdb2bf5c/analysis/1380807573/
hXXp://fabpasadena.com/includes/js/calendar/Certificaciones%20Calificacion%20Tribu...

WinNT/Vawtrak

 by EX! ¦  Fri Aug 30, 2013 8:59 pm ¦  Forum: Malware ¦  Topic: WinNT/Vawtrak ¦  Replies: 33 ¦  Views: 57576

PWS.Papras.CM or Ursnif

hxxp://sieargentina.com/pdf_trk_1Z78050W0348566377.zip
https://www.virustotal.com/en/file/9e43 ... 377902730/
.....

Re: Win32/Kuluoz

 by EX! ¦  Mon Jul 22, 2013 4:16 pm ¦  Forum: Malware ¦  Topic: Win32/Kuluoz ¦  Replies: 37 ¦  Views: 58150

Kuluoz




Malware Site Link: hxxp://samouchitel.com.ua/img/info.php?info=fkMWRyMw8sZV4ceLKdR61A==

Re: Rogue Antimalware (FakeAV, 2013 year)

 by EX! ¦  Thu Jun 13, 2013 11:11 pm ¦  Forum: Malware ¦  Topic: Rogue Antimalware (FakeAV, 2013 year) ¦  Replies: 142 ¦  Views: 219588

Internet Security

http://imageshack.us/a/img42/9240/fakeav.png
https://www.virustotal.com/es-ar/file/2c68b8386fc3be755c3a5c9f7717495f0e0010d59233d6dfe4ee6de62109d269/analysis/1371150073/
hxxp://globalofficesolution.net/tmp/file1.exe (fakeAV downloaded by 1eETvOm.exe)
hxxp://globalofficesolution.net...

Re: Win32/Zeus (alias Zbot)

 by EX! ¦  Fri May 17, 2013 2:44 am ¦  Forum: Malware ¦  Topic: Win32/Zeus (alias Zbot) ¦  Replies: 281 ¦  Views: 363684

#Zbot


192.95.59.250/z/config.bin
192.95.59.250/z/bot.exe
192.95.59.250/z/gate.php


https://www.virustotal.com/es/file/9dfc ... /analysis/