A forum for reverse engineering, OS internals and malware analysis 

Search found 26 matches

 Go to advanced search

Re: Zippy ransomeware

 by Intimacygel ¦  Fri Apr 29, 2016 3:28 pm ¦  Forum: Malware ¦  Topic: JS/Nemucod (Zippy ransomeware) ¦  Replies: 16 ¦  Views: 13800

Antelox wrote:New Nemucod Variant. 7-zip is not used anymore.

https://glot.io/snippets/ee7hiif87k

BR,

Antelox
Where do we download those variants from your link?

Re: Ransom.Radamant

 by Intimacygel ¦  Fri Feb 12, 2016 3:40 pm ¦  Forum: Malware ¦  Topic: Ransom.Radamant ¦  Replies: 10 ¦  Views: 17346

Xylitol wrote: Image
What forum is this image from?

Re: Ransomware-as-a-service, AKA Ransom32

 by Intimacygel ¦  Tue Jan 05, 2016 5:23 pm ¦  Forum: Malware ¦  Topic: Ransomware-as-a-service, AKA Ransom32 ¦  Replies: 5 ¦  Views: 8959

Anyone have the onion link to the portal to create new samples?

Re: TeslaCrypt ransomware

 by Intimacygel ¦  Thu Sep 17, 2015 1:02 am ¦  Forum: Malware ¦  Topic: TeslaCrypt ransomware ¦  Replies: 58 ¦  Views: 89793

http://www.isightpartners.com/2015/09/t ... nications/

Anyone got any samples for this supposed "Tesla Crypt 2.0" ?

Re: ORX Locker

 by Intimacygel ¦  Thu Sep 10, 2015 3:38 pm ¦  Forum: Malware ¦  Topic: ORX Locker ¦  Replies: 3 ¦  Views: 3815

What is the onion address to generate?

CRASH iPhones with a text

 by Intimacygel ¦  Thu May 28, 2015 5:12 pm ¦  Forum: General Discussion ¦  Topic: CRASH iPhones with a text ¦  Replies: 0 ¦  Views: 5446

Re: Win32 Rombertik

 by Intimacygel ¦  Fri May 15, 2015 10:51 pm ¦  Forum: Malware ¦  Topic: Win32/Rombertik ¦  Replies: 27 ¦  Views: 52646

Re: Win32 Rombertik

 by Intimacygel ¦  Wed May 06, 2015 2:38 pm ¦  Forum: Malware ¦  Topic: Win32/Rombertik ¦  Replies: 27 ¦  Views: 52646

This is blowing up in the media for like no reason. It's not even that scary or innovative.

Here is an unpacked sample

Re: Cryptowall

 by Intimacygel ¦  Wed Feb 11, 2015 9:57 pm ¦  Forum: Malware ¦  Topic: Cryptowall (alias Crowti) ¦  Replies: 29 ¦  Views: 66716

Re: keyholder ransomware

 by Intimacygel ¦  Tue Dec 16, 2014 11:40 pm ¦  Forum: Completed Malware Requests ¦  Topic: keyholder ransomware ¦  Replies: 2 ¦  Views: 2736

I believe he is referring to this infection. Still no MD5s listed but it might help the search
http://www.bleepingcomputer.com/forums/ ... ryptorbit/