A forum for reverse engineering, OS internals and malware analysis 

Search found 5 matches

Energetic Bear Implant

 by 0xKernel ¦  Tue May 15, 2018 5:22 pm ¦  Forum: Completed Malware Requests ¦  Topic: Energetic Bear Implant ¦  Replies: 1 ¦  Views: 1283

Hello, I am looking for this particular sample. MD5: f901c645188f9c80afa8f49174f065ce SHA-256: 9385d7e149bcda79e5a4291ad422c160be8297d029d04ee04c50240fe53aa900 Name: Exploit.Win32.BypassUAC.brg, Exploit.Win64.BypassUAC.fbfqbk Reference: https://www.virustotal.com/#/file/9385d7e149bcda79e5a4291ad422c...

MD5 Triton

 by 0xKernel ¦  Sat Dec 16, 2017 6:59 pm ¦  Forum: Completed Malware Requests ¦  Topic: MD5 Triton ¦  Replies: 0 ¦  Views: 3551

Hi team, looking for the following MD5s from the following article: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html 6c39c3f4a08d3d78f2eb973a94bd7718 - trilog.exe (I've seen this has been asked before but not properly, so now asking right for...

Looking for the FireEyE Triton Samples.

 by 0xKernel ¦  Sat Dec 16, 2017 8:02 am ¦  Forum: Completed Malware Requests ¦  Topic: Looking for the FireEyE Triton Samples. ¦  Replies: 2 ¦  Views: 3724

Hey guys, I'm looking for the full sample set from the Triton article from FireEye. (I see that some of the MD5s are not on VirusTotal, so whatever ones are available.) Article: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html MD5s: 6c3...

Re: ROKRAT PE32 exe From Talos Hash

 by 0xKernel ¦  Thu Nov 30, 2017 9:55 pm ¦  Forum: Completed Malware Requests ¦  Topic: ROKRAT PE32 exe From Talos Hash ¦  Replies: 2 ¦  Views: 3492

Thank you, Good Sir.

ROKRAT PE32 exe From Talos Hash

 by 0xKernel ¦  Thu Nov 30, 2017 9:39 pm ¦  Forum: Completed Malware Requests ¦  Topic: ROKRAT PE32 exe From Talos Hash ¦  Replies: 2 ¦  Views: 3492

Hey guys, I am looking for the ROKRAT sample from Talos' website. Link: http://blog.talosintelligence.com/2017/04/introducing-rokrat.html?f_l=s I am looking for the PE32 exes using the hash: cd166565ce09ef410c5bba40bad0b49441af6cfb48772e7e4a9de3d646b4851c 051463a14767c6477b6dacd639f30a8a5b9e126ff3153...