A forum for reverse engineering, OS internals and malware analysis 

Search found 3 matches

Citadel 1.3.5.1 Rain Edition Sample

 by obnoxiousdiablo ¦  Mon Oct 15, 2012 12:27 am ¦  Forum: Completed Malware Requests ¦  Topic: Malware Requests, part 2 ¦  Replies: 145 ¦  Views: 119207

Hi All,

Anyone got Citadel 1.3.5.1 Rain Edition Sample? Better if C&C still works. Thank you.

Regards,

Re: Citadel (Zeus clone)

 by obnoxiousdiablo ¦  Wed May 30, 2012 1:36 am ¦  Forum: Malware ¦  Topic: Citadel (Zeus clone) ¦  Replies: 197 ¦  Views: 398318

Never mind. I figured out it was encrypted cfg downloaded during your analysis. It is targeting mainly European banks at the moment. Will be great if you could post more Citadel with cfg as they come along.

Much appreciated,

Re: Citadel (Zeus clone)

 by obnoxiousdiablo ¦  Tue May 29, 2012 10:03 pm ¦  Forum: Malware ¦  Topic: Citadel (Zeus clone) ¦  Replies: 197 ¦  Views: 398318

Hi Xylitol,

Thanks a lot for sharing this info. What is the file in the zip with 140K size? Is that the cfg downloaded?

Is it possible to share the packet dump you may have?

Thank you.

Regards,