A forum for reverse engineering, OS internals and malware analysis 

Search found 204 matches

Re: Sandboxes (Discussion)

 by Blaze ¦  Wed Mar 14, 2018 9:32 am ¦  Forum: Malware ¦  Topic: Sandboxes (Discussion) ¦  Replies: 25 ¦  Views: 27447

Two new ones:

https://app.any.run/ (registration needed)
https://cape.contextis.com/

Re: Cerber

 by Blaze ¦  Thu Jun 02, 2016 9:55 am ¦  Forum: Malware ¦  Topic: Win32/Cerber ¦  Replies: 76 ¦  Views: 165593

Another sample.

Re: Malware Derusbi server-variant

 by Blaze ¦  Tue Mar 01, 2016 12:43 pm ¦  Forum: Malware ¦  Topic: Malware Derusbi server-variant ¦  Replies: 2 ¦  Views: 4699

Derusbi for 64-bit Linux. https://www.fidelissecurity.com/sites/default/files/TA_Fidelis_Turbo_1602%283%29.pdf (PDF) In the summer of 2015, Fidelis Cybersecurity had the opportunity to analyze a Derusbi malware sample used as part of a campaign we’ve labeled Turbo, for the associated kernel module t...

Re: Android Malware(All Android malware goes here)

 by Blaze ¦  Fri Feb 19, 2016 9:42 am ¦  Forum: Malware ¦  Topic: Android Malware(All Android malware goes here) ¦  Replies: 105 ¦  Views: 196082

Re: Win32/Critroni (CTB-Locker)

 by Blaze ¦  Wed Feb 17, 2016 4:49 pm ¦  Forum: Malware ¦  Topic: Win32/Critroni (CTB-Locker) ¦  Replies: 35 ¦  Views: 69508

Another one (localised, Dutch). Signed executable.

https://twitter.com/bartblaze/status/699996668348010497

Locky ransomware

 by Blaze ¦  Wed Feb 17, 2016 4:48 pm ¦  Forum: Malware ¦  Topic: Locky ransomware ¦  Replies: 142 ¦  Views: 204644

HydraCrypt ransomware

 by Blaze ¦  Thu Feb 04, 2016 9:56 am ¦  Forum: Malware ¦  Topic: HydraCrypt ransomware ¦  Replies: 0 ¦  Views: 3221

Again another one. Thanks to Brad (@malware_traffic).

http://malware-traffic-analysis.net/201 ... ndex2.html

Callback:

http://drivers-softprotect.eu/flamme.php
http://drivers-softprotect.eu/img.jpg

Mentioned sample + additional samples attached.

Vipasana ransomware

 by Blaze ¦  Wed Feb 03, 2016 3:34 pm ¦  Forum: Malware ¦  Topic: Vipasana ransomware ¦  Replies: 1 ¦  Views: 3649

Nothing too special, but feel free to check it out. Blog: http://bartblaze.blogspot.com/2016/02/vipasana-ransomware-new-ransom-on-block.html http://1.bp.blogspot.com/-VoE-n0BNQbM/Vq-EOcEwG_I/AAAAAAAABYk/K7h8RIYTd9Q/s1600/desk.jpg Callback: http://shopping-na-divane.ru/system/logs/tool/inst.php http:...

Re: Android Malware(All Android malware goes here)

 by Blaze ¦  Fri Jan 29, 2016 2:20 pm ¦  Forum: Malware ¦  Topic: Android Malware(All Android malware goes here) ¦  Replies: 105 ¦  Views: 196082

LockDroid. (~PornDroid spinoff) See also: http://www.symantec.com/connect/blogs/android-ransomware-variant-uses-clickjacking-become-device-administrator Would be great if Symantec could provide some more (f)actual information. Claims to be from the Ministry of Internal Affairs of the Russian Federat...

Re: Point-of-Sale malwares / RAM scrapers

 by Blaze ¦  Thu Jan 28, 2016 7:30 pm ¦  Forum: Malware ¦  Topic: Point-of-Sale malwares / RAM scrapers ¦  Replies: 244 ¦  Views: 867747