A forum for reverse engineering, OS internals and malware analysis 

Search found 113 matches

Re: Win32/Xswkit (alias Gootkit)

 by patriq ¦  Wed Jan 11, 2017 7:04 pm ¦  Forum: Malware ¦  Topic: Win32/Xswkit (alias Gootkit) ¦  Replies: 61 ¦  Views: 123335

For the police - drop location Madrid, Spain.
(BIC for BANKIA S.A. bank located in VALENCIA - SPAIN)

Re: WinNT/Cridex (alias Dridex, Drixed)

 by patriq ¦  Tue Dec 20, 2016 5:58 pm ¦  Forum: Malware ¦  Topic: WinNT/Cridex (alias Dridex, Drixed) ¦  Replies: 149 ¦  Views: 244348

Re: List of actual Ransomware

 by patriq ¦  Wed Nov 02, 2016 8:00 pm ¦  Forum: Newbie Questions ¦  Topic: List of actual Ransomware ¦  Replies: 3 ¦  Views: 8454

also 777, 7ev3n, 7h9r, 8lock8, ACCDFISA v2.0, AiraCrop, Al-Namrood, Alcatraz, Alfa, Alma Locker, Alpha, AMBA, AngryDuck, Anubis, Apocalypse, Apocalypse (New Variant), ApocalypseVM, APT, ASN1 Encoder, AutoLocky, AxCrypter, BadBlock, Bandarchor, BankAccountSummary, Bart, Bart v2.0, BitCrypt, BitCrypt ...

Re: List of actual Ransomware

 by patriq ¦  Wed Nov 02, 2016 7:57 pm ¦  Forum: Newbie Questions ¦  Topic: List of actual Ransomware ¦  Replies: 3 ¦  Views: 8454

Do 5 mins of google on your own for fucksake..

http://www.bleepingcomputer.com/forums/ ... ?p=1307244

Win32/StrongPity

 by patriq ¦  Mon Oct 10, 2016 10:16 pm ¦  Forum: Malware ¦  Topic: Win32/StrongPity ¦  Replies: 0 ¦  Views: 8722

https://securelist.com/blog/research/76147/on-the-strongpity-waterhole-attacks-targeting-italian-and-belgian-encryption-users/
http://usa.kaspersky.com/about-us/press-center/press-releases/2016/Kaspersky_Lab_Reveals_Advanced_Persistent_Threat_StrongPity

some win32/strongpity stuff attached caced8a4...

Re: Scylex

 by patriq ¦  Fri Sep 09, 2016 4:49 pm ¦  Forum: Completed Malware Requests ¦  Topic: Scylex ¦  Replies: 2 ¦  Views: 8089

From your link: "Scylex hasn’t been spotted in the wild". I also checked out Lampeduza and couldn't find that advertisement or user account 'Others'. The video htxps://a.cocaine.ninja/vkkpew.mp4 shows a hidden VNC backconnect; features listed include form grabbing and webinjects, download and execute i...

Re: Winlocker.VB6.Blacksod

 by patriq ¦  Wed Aug 03, 2016 9:07 pm ¦  Forum: Malware ¦  Topic: Winlocker.VB6.Blacksod ¦  Replies: 3 ¦  Views: 6444

When I google "1-866-933-5490", this is the first result - hxxp://www.tekexpert.net/contact-us.html
Possibly related, looks like a scam tech support page.
Samples that contact recoverpcerror.com (just visit the index and a sample downloads): https://www.virustotal.com/en/file/c3edf555f78efa240cc0aea22...

Re: Win32/Cerber

 by patriq ¦  Mon Jul 11, 2016 2:44 am ¦  Forum: Malware ¦  Topic: Win32/Cerber ¦  Replies: 76 ¦  Views: 164381

"global_public_key" xors, not sure if you noticed but the past two configs have the same key. (base64 decode) LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2a3R5NXFocUV5ZFI5MDc2RmV2cAowdU1QN0laTm1zMUFBN0dQUVVUaE1XYllpRVlJaEJLY1QwL253WXJCcTBPZ3Y3OUsxd...

Re: Getting a PlugX Builder

 by patriq ¦  Sat Jul 09, 2016 3:39 pm ¦  Forum: Completed Malware Requests ¦  Topic: Getting a PlugX Builder ¦  Replies: 2 ¦  Views: 3939

Re: MEDJACK.2 (Conficker)

 by patriq ¦  Sat Jul 09, 2016 3:31 pm ¦  Forum: Completed Malware Requests ¦  Topic: MEDJACK.2 (Conficker) ¦  Replies: 1 ¦  Views: 3088

marketing bullshit
