Search found 18 matches

by stevegs1821
Mon Oct 29, 2018 3:27 pm
Forum: Malware Requests
Topic: APT38 Related malware?
Replies: 0
Views: 1170

APT38 Related malware?

Hello,

Would anyone happen to have specific hashes related to the FireEye APT38 report?

references:
https://www.fireeye.com/blog/threat-res ... group.html
https://content.fireeye.com/apt/rpt-apt38

ty

st
by stevegs1821
Mon Oct 01, 2018 4:15 pm
Forum: Malware
Topic: LoJax(UEFI rootkit)
Replies: 6
Views: 2662

Re: LoJax(UEFI rootkit)

^^^^^^ The above hashes are SHA1 btw

st
by stevegs1821
Mon Oct 01, 2018 4:14 pm
Forum: Malware
Topic: LoJax(UEFI rootkit)
Replies: 6
Views: 2662

Re: LoJax(UEFI rootkit)

Anyone have a copy of the missing binaries?

cc217342373967d1916cb20eca5ccb29caaf7c1b  ReWriter_binary.exe
ea728abe26bac161e110970051e1561fd51db93b  ReWriter_read.exe
f2be778971ad9df2082a266bd04ab657bd287413  SecDXE
700d7e763f59e706b4f05c69911319690f85432e  autoche.exe

ty,

st
by stevegs1821
Thu Aug 23, 2018 3:25 pm
Forum: Malware Requests
Topic: CVE-2018-8373 Exploit(s) / HTML_EXPLOIT.YYRV
Replies: 0
Views: 1906

CVE-2018-8373 Exploit(s) / HTML_EXPLOIT.YYRV

Hello, Would anyone be able to share a copy of the CVE-2018-8373 exploit, please? Reference: https://blog.trendmicro.com/trendlabs-security-intelligence/use-after-free-uaf-vulnerability-cve-2018-8373-in-vbscript-engine-affects-internet-explorer-to-run-shellcode/ SHA256: 0d6fe137790e2ebdf4fac2dd50065...
by stevegs1821
Tue May 08, 2018 2:46 pm
Forum: Completed Malware Requests
Topic: SynAck ransomware
Replies: 4
Views: 2245

Re: SynAck ransomware

+ 1...same request
by stevegs1821
Tue Feb 21, 2017 10:00 pm
Forum: Completed Malware Requests
Topic: Methbot
Replies: 0
Views: 6071

Methbot

Hello,

I'm seeking confirmed samples of Methbot.

Reference: https://www.whiteops.com/methbot
http://go.whiteops.com/rs/179-SQE-823/i ... ion_WP.pdf


Thanks,

sg
by stevegs1821
Tue Aug 16, 2016 3:26 pm
Forum: Malware
Topic: Win32/Cerber
Replies: 76
Views: 164353

Re: Win32/Cerber

by stevegs1821
Mon Jul 18, 2016 3:28 pm
Forum: Completed Malware Requests
Topic: Request: Stampado Ransomware
Replies: 3
Views: 5269

Request: Stampado Ransomware

Hello, Very little public info here. It was for sale on AlphaBay and covered in a few blogs (no hashes etc). Request details: 1) Stampado Ransomware / kit 2) Hashes (unavailable) 3) References: https://heimdalsecurity.com/blog/security-alert-stampado-ransomware-on-sale/ http://betanews.com/2016/07/1...
by stevegs1821
Thu Mar 31, 2016 7:26 am
Forum: Completed Malware Requests
Topic: PowerWare Ransomware (specific DOC example)
Replies: 1
Views: 2516

PowerWare Ransomware (specific DOC example)

Hello, Requesting a copy of: MD5: 063394a08bb3eec2680a30939e906343 Reference: https://www.carbonblack.com/2016/03/25/threat-alert-powerware-new-ransomware-written-in-powershell-targets-organizations-via-microsoft-word/ https://blog.cylance.com/ransomware-update-todays-bountiful-cornucopia-of-extorti...
by stevegs1821
Tue Dec 08, 2015 3:09 pm
Forum: Completed Malware Requests
Topic: Sample of FireEye's BootKit?
Replies: 9
Views: 8307

Re: Sample of FireEye's BootKit?

needs to go in the Request area . . but ..

+1