A forum for reverse engineering, OS internals and malware analysis 

Search found 33 matches

 Go to advanced search

Robin Ransomware

 by hackr8 ¦  Mon Jun 03, 2019 8:45 am ¦  Forum: Completed Malware Requests ¦  Topic: Robin Ransomware ¦  Replies: 1 ¦  Views: 165

Hello, I am looking for samples of the robin hood ransomware: SHA-256: 3bc78141ff3f742c5e942993adfbef39c2127f9682a303b5e786ed7f9a8d184b VT: https://www.virustotal.com/gui/file/3bc78141ff3f742c5e942993adfbef39c2127f9682a303b5e786ed7f9a8d184b/detection Related Video: https://www.youtube.com/watch?v=hC...

Re: Office 97-2003 macro viruses

 by hackr8 ¦  Sun May 19, 2019 5:35 pm ¦  Forum: Completed Malware Requests ¦  Topic: Office 97-2003 macro viruses ¦  Replies: 3 ¦  Views: 248

Sir you are breaking the forum rules.

Re: GoldenEye Ransomware XLS Dropper

 by hackr8 ¦  Sat May 18, 2019 11:36 am ¦  Forum: Completed Malware Requests ¦  Topic: GoldenEye Ransomware XLS Dropper ¦  Replies: 3 ¦  Views: 263

Sir you are breaking the rules again!

Heazycrome

 by hackr8 ¦  Fri May 03, 2019 11:23 am ¦  Forum: Completed Malware Requests ¦  Topic: Heazycrome ¦  Replies: 1 ¦  Views: 139

Hello, I am looking for samples of the Heazycrome family: AV name: BrowserModifier:Win32/Heazycrome (Microsoft) Information: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=BrowserModifier:Win32/Heazycrome MD5's : 95583b0da381a3455b90f04f2f2882c1 d8f7edccd78cf30b15...

TrojanDownloader:VBS/Bancos.A

 by hackr8 ¦  Sun Apr 14, 2019 11:15 am ¦  Forum: Completed Malware Requests ¦  Topic: TrojanDownloader:VBS/Bancos.A ¦  Replies: 2 ¦  Views: 207

Hello, I am looking for this particular sample: TrojanDownloader:VBS/Bancos.A(Microsoft) SHA-256: 93f488e4bb25977443ff34b593652bea06e7914564af5721727b1acdd453ced9 MD5: 349db5e1fd5fecdca2f264d1379d2b38 Virustotal: https://www.virustotal.com/#/file/93f488e4bb25977443ff34b593652bea06e7914564af5721727b1...

TrojanDownloader.VBS.Agent.REH

 by hackr8 ¦  Sat Apr 13, 2019 11:12 am ¦  Forum: Malware ¦  Topic: TrojanDownloader.VBS.Agent.REH ¦  Replies: 0 ¦  Views: 398

VBS Trojan with double extension *.doc.vbs Nothing special, the code is a bit complicated though. VirusTotal: https://www.virustotal.com/#/file/34631cbcb4298ac021cedd1b57bd2dcf3b94e24752e67b61a9f37e0cef8ec2ad/detection Direct Download(dangerous): hxxps://onedrive.live.com/download.aspx?cid=FD5AFF729...

Re: Overwrite a file using WinAPI functions VB.NET

 by hackr8 ¦  Thu Mar 28, 2019 3:50 pm ¦  Forum: Newbie Questions ¦  Topic: Overwrite a file using WinAPI functions VB.NET ¦  Replies: 9 ¦  Views: 493

BTW, it worked perfectly on a dummy after slight modifications (fixed the indentations).
Thanks!

Re: Overwrite a file using WinAPI functions VB.NET

 by hackr8 ¦  Thu Mar 28, 2019 3:30 pm ¦  Forum: Newbie Questions ¦  Topic: Overwrite a file using WinAPI functions VB.NET ¦  Replies: 9 ¦  Views: 493

Oh, I see what you did there. I never thought of that.
how does &H40000000 work as an integer, though?
BTW, Thanks for the help.

Re: Overwrite a file using WinAPI functions VB.NET

 by hackr8 ¦  Thu Mar 28, 2019 2:50 pm ¦  Forum: Newbie Questions ¦  Topic: Overwrite a file using WinAPI functions VB.NET ¦  Replies: 9 ¦  Views: 493

I didn't quite work. Am I doing something wrong? Please help. I tried it like this: Imports System.IO Imports System Imports System.Runtime.InteropServices Public Class Form Private Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click If CheckBox1.Checked = Tr...

Re: Overwrite a file using WinAPI functions VB.NET

 by hackr8 ¦  Thu Mar 28, 2019 2:14 pm ¦  Forum: Newbie Questions ¦  Topic: Overwrite a file using WinAPI functions VB.NET ¦  Replies: 9 ¦  Views: 493

Ok i will try it ASAP. Thanks!