A forum for reverse engineering, OS internals and malware analysis 

Search found 1635 matches


Re: How to run .bin files?

 by Xylitol ¦  Wed Oct 16, 2019 11:05 am ¦  Forum: Newbie Questions ¦  Topic: How to run .bin files? ¦  Replies: 2 ¦  Views: 169

open your .bin file in a hex editor and look at the header, then use common sense to determine what your file is about

Re: novter/nodersok/divergent sample ?

 by Xylitol ¦  Tue Oct 15, 2019 11:10 am ¦  Forum: Malware Requests ¦  Topic: novter/nodersok/divergent sample ? ¦  Replies: 1 ¦  Views: 288

lol

Re: VirusTotal graphs about malware

 by Xylitol ¦  Sat Aug 17, 2019 12:09 pm ¦  Forum: General Discussion ¦  Topic: VirusTotal graphs about malware ¦  Replies: 3 ¦  Views: 1001

A graph about DigMine, a lot of passive DNS on this one: https://www.virustotal.com/graph/embed/ ... 0e3a1c1ff8

Re: Trojan.Digmine

 by Xylitol ¦  Fri Aug 16, 2019 12:22 pm ¦  Forum: Malware ¦  Topic: Trojan.Digmine ¦  Replies: 5 ¦  Views: 4443

a post written with the gang of huntingMalware (also 'hi' to digmine botherder if you are reading that :-D ) https://blog.huntingmalware.com/notes/DigMine

Re: New malware analyser service malwareanalyser.io

 by Xylitol ¦  Sat Jul 27, 2019 10:05 am ¦  Forum: Malware ¦  Topic: New malware analyser service malwareanalyser.io ¦  Replies: 3 ¦  Views: 937

no, i mean you can add a filter on the api.

Re: New malware analyser service malwareanalyser.io

 by Xylitol ¦  Thu Jul 25, 2019 12:57 pm ¦  Forum: Malware ¦  Topic: New malware analyser service malwareanalyser.io ¦  Replies: 3 ¦  Views: 937

malwareanalyser.io wrote: Thu Jul 25, 2019 7:06 am suggest features to improve.
API feed to send and retrieve latest submissions, configurable to get only suspected etc..

FlyStudio

 by Xylitol ¦  Mon Jul 22, 2019 1:19 pm ¦  Forum: Malware ¦  Topic: FlyStudio ¦  Replies: 0 ¦  Views: 747

Originally found on weak rdps, after scanning china range, seems to be an old threat. https://www.virustotal.com/graph/embed/g88530f517a194eafa0b89d26869baddad6a133f36ba54ad5911c4ff973a94ccb https://i.imgur.com/F009fy5.png Developed in EPL, guy of hexacorn did a post about these PE files here: http:...

Re: CVE-2018-20250 (WinRAR UNACEV2.DLL)

 by Xylitol ¦  Tue Jul 02, 2019 9:20 pm ¦  Forum: Malware ¦  Topic: CVE-2018-20250 (WinRAR UNACEV2.DLL) ¦  Replies: 9 ¦  Views: 2903

June: ---------- MATCH: CVE_2018_20250 : AceArchive UNACEV2_DLL_EXP 2019-06-07: b8658321126d00b76d2058f02587ffec4595ef991096f98c0f5c204db0446edc test.rar 2019-06-11: 16b20a2af04db85f5845ba09ea4d2a7e01506417976f10b87d50df06fb7ebc0c =?UTF-8?B?7L2U7J2464yA67CV7KCV67O0LnJhcg==?= c3b1ba9dca6eadc9ffbcc333...

Re: VirusTotal graphs about malware

 by Xylitol ¦  Tue Jun 25, 2019 11:34 am ¦  Forum: General Discussion ¦  Topic: VirusTotal graphs about malware ¦  Replies: 3 ¦  Views: 1001

virustotal at my door

about mbr ransom graph, here is a fast try with vazonez winlock generator, lot of samples, few itw urls.
https://www.virustotal.com/graph/embed/ ... c89481e2bb

VirusTotal graphs about malware

 by Xylitol ¦  Tue Jun 11, 2019 2:02 pm ¦  Forum: General Discussion ¦  Topic: VirusTotal graphs about malware ¦  Replies: 3 ¦  Views: 1001

Hey there, I've been playing with VirusTotal graph for some weeks. Originally I did a graph just for building a landscape of files for ATM Wall, the graph can be seen here: https://www.virustotal.com/graph/embed/g9521270d163a4778aa5bc376c0d80375b11f2d95beee484498dbdaafc989ee5f I got the idea of do...
