Search found 143 matches

by PX5
Wed Jun 10, 2015 11:01 pm
Forum: Malware
Topic: Win32/Poweliks
Replies: 36
Views: 109641

Re: Win32/Poweliks

Has anyone seen a newer run of Poweliks droppers?

Seems we have a rash of this crap running about.

Any help, pointers are much appreciated.

--MJ
by PX5
Wed Jun 12, 2013 11:21 am
Forum: Malware
Topic: Guntior bootkit (Chinese combine)
Replies: 35
Views: 38007

Re: Guntior bootkit (Chinese combine)

_http://down.web052.com:804/qvodsetup7.exe MD5: 62297731ed94b07ae91cffc72bcaded8 SHA1: cafb948455fa7d8c86d840a7ae43f0d450ca9d37 https://www.virustotal.com/ru/file/b8da7ddafaedf35d9ea754f8b66fc07126e0cce523723f32864df144f165629f/analysis/ I'm not sure this belongs here but gonna post it and let the M...
by PX5
Fri May 31, 2013 1:52 pm
Forum: Malware
Topic: Win32/Cutwail
Replies: 33
Views: 43123

Re: Win32/Cutwail

Hmmmmm, seems my Monday is happening 5 days in a row this week, please ignore this post. :(
by PX5
Thu May 30, 2013 5:12 pm
Forum: Malware
Topic: Win32/Reveton
Replies: 150
Views: 191582

Re: Win32/Reveton

Last edited by Xylitol on Thu May 30, 2013 11:41 am, edited 1 time in total.
Reason: image fix

Looks like Xylitol has repaired the image as much as it can be, thanks for asking EP_X0FF. :)

Thank You Much X! :)
by PX5
Thu May 30, 2013 9:47 am
Forum: Malware
Topic: Win32/Reveton
Replies: 150
Views: 191582

Re: Win32/Reveton

Holy Crap!

Best I could do for now, hadda use a camera, safe mode didn't load, haven't tried anything else yet, still not awake.

If someone is good at re-sizing photos, have at it and repost so it's visible.

Thanks,

MJ
by PX5
Thu May 30, 2013 9:38 am
Forum: Malware
Topic: Win32/Reveton
Replies: 150
Views: 191582

Re: Win32/Reveton

Reveton aka FBI/MoneyPak Link is dead....http://ytojuxate.pl/erolikos (50.7.46.181) Seen it called Screenlock and other names like Fortinet W32/Moure.A!tr.dldr I disagree, although screenlock, this is pure reveton, won't be able to share pcap but trust me, it's Reveton, all my stolen PWs say so! ;) ht...
by PX5
Wed May 29, 2013 11:16 am
Forum: Malware
Topic: Power Loader (blast, alias Alureon)
Replies: 38
Views: 48508

Re: Power Loader (alias Alureon)

Thanks EP, This is a clear example of how long I been outa the loop, not so sure I was ever in the loop, tbh! :lol: Should be some more fun somewhere to get back into the swing of things, especially since our tools section does good to "Suck Wind"!!!!!!!!!! Best, I shhhhh before I get myself into tr...
by PX5
Tue May 28, 2013 1:17 pm
Forum: Malware
Topic: Power Loader (blast, alias Alureon)
Replies: 38
Views: 48508

Re: Power Loader (alias Alureon)

Same here but am having troubles with collecting the file while online, in either normal or safe mode, which I think is hilarious given fact I've been doing this a while and am so out of practice, I barely remember how to infect anything!

Damn the bad luck!!!!! :lol:
by PX5
Tue Oct 23, 2012 7:22 pm
Forum: Malware
Topic: Win32/Qakbot
Replies: 20
Views: 15633

Re: Qakbot.KY

If it's truly a variant of qakbot, I'm curious if you had windows show all hidden files, then venture into ?:\Windows\Task If so, you very well may find some rogue job files which need deletion else in some 4 to 7 days, all cleaned machines will reinfect, general task time between execution on last v...