Search found 21 matches

by hackr8
Fri Mar 08, 2019 5:33 pm
Forum: Malware
Topic: Adware.IStartSurf
Replies: 1
Views: 222

Adware.IStartSurf

I downloaded this sample from a site I was redirected to while googling. The file has an unusual structure.
Can somebody try analyzing this? Thanks.
Virustotal: https://www.virustotal.com/#/file/e9b4b ... 0f5c535d4d
by hackr8
Thu Mar 07, 2019 2:49 pm
Forum: Malware
Topic: MSIL/Noancooe (alias Nanocore)
Replies: 7
Views: 6176

UDS.DangerousObject.Multi.Generic (Nanocore RAT)

I found this on Dropbox. It's made with VB6 [signature: Microsoft Visual Basic v5.0]. Please note that I was the first person to upload the file to Virustotal, so the report might change soon.
Virustotal: https://www.virustotal.com/#/file/dab62c03ba5ddbbd98961dcda9a6af73fbc8f594d0299842984c2effbb65a87...
by hackr8
Fri Feb 22, 2019 4:18 pm
Forum: Malware
Topic: PUA.Win32.Bitrepeyp.A (DealAlpha)
Replies: 0
Views: 290

PUA.Win32.Bitrepeyp.A (DealAlpha)

Some adware installer I found myself while browsing. It pretends to be a Flash Player update.
Virustotal (36/66): https://www.virustotal.com/#/file/4321cf2807fa6f001a805a07e2c743f8c7ea1b47afee2584c73c332708e7827d/detection
Hybrid analysis: https://www.hybrid-analysis.com/sample/4321cf2807fa6f001a805...
by hackr8
Tue Feb 12, 2019 3:48 pm
Forum: Malware
Topic: RedEye Ransomware
Replies: 7
Views: 3824

Re: RedEye Ransomware

New link:
https://ufile.io/bva5b
pw: infected
by hackr8
Tue Feb 12, 2019 3:22 pm
Forum: Malware
Topic: RedEye Ransomware
Replies: 7
Views: 3824

Re: RedEye Ransomware

Fedor22 wrote:
Tue Feb 12, 2019 3:12 pm
Strange, for me it says: "File not found".
You are right. For some reason my link is down. It might be because of the protection system of the site.
by hackr8
Tue Feb 12, 2019 3:11 pm
Forum: Malware
Topic: RedEye Ransomware
Replies: 7
Views: 3824

Re: RedEye Ransomware

New link: [down]
Password: infected
by hackr8
Sun Feb 10, 2019 2:35 pm
Forum: Malware
Topic: RedEye Ransomware
Replies: 7
Views: 3824

Re: RedEye Ransomware

I will upload a new link soon.
by hackr8
Tue Jan 29, 2019 3:04 pm
Forum: Malware
Topic: Happy Ransomware (T1)
Replies: 2
Views: 945

Re: Happy Ransomware (T1)

I personally think that it is a rather cheap VB.NET/C# ransomware. Part of the code:
Private Sub EndOf()
System.IO.File.WriteAllText(Interaction.Environ("userprofile") & "\Desktop\HIT BY RANSOMWARE.txt", T1.My.Resources.Resources.HIT_BY_RANSOMWARE)
System.IO.File.WriteAllText(Interaction.Environ("use...
by hackr8
Sun Jan 20, 2019 8:02 pm
Forum: Newbie Questions
Topic: Malware Analyst
Replies: 6
Views: 1920

Re: Malware Analyst

In order to access Virustotal samples you need a Private API key and as far as I know getting one is not easy.
by hackr8
Sat Jan 19, 2019 10:59 am
Forum: Malware
Topic: DDoS.Win32.Meganuke
Replies: 0
Views: 642

DDoS.Win32.Meganuke

DDoS trojan
VirusTotal: https://www.virustotal.com/#/file/965fe ... /detection
I haven't managed to find any other information, so I guess that it is a really rare sample.