A forum for reverse engineering, OS internals and malware analysis 

Search found 92 matches

 Go to advanced search

Re: Android Malware(All Android malware goes here)

 by cjbi ¦  Sun Apr 13, 2014 2:06 pm ¦  Forum: Malware ¦  Topic: Android Malware(All Android malware goes here) ¦  Replies: 105 ¦  Views: 192023

Fresh (2014.04.11) Korean targeted Android malware.

This apk is protected by ApkProtect.com
VT result:
1/51 https://www.virustotal.com/en/file/b6e9 ... 397394158/

Trojan:Android/Gepew.A

 by cjbi ¦  Sun Mar 09, 2014 7:07 am ¦  Forum: Malware ¦  Topic: Android Malware(All Android malware goes here) ¦  Replies: 105 ¦  Views: 192023

Very fresh (2014.03.09) Korean targeted Android malware.

VT result:
15/50 https://www.virustotal.com/en/file/f80f ... 394348185/

Trojan:Android/TelMan.A

 by cjbi ¦  Sat Jan 25, 2014 3:32 pm ¦  Forum: Malware ¦  Topic: Android Malware(All Android malware goes here) ¦  Replies: 105 ¦  Views: 192023

Fresh (2014.01.21) Korean targeted Android malware.

Fake SMS:

SMS.png
VT result:
12/50 https://www.virustotal.com/en/file/a23a ... 390662537/

Trojan:Android/FakeKRBank.A (alias Bankun)

 by cjbi ¦  Sat Jan 25, 2014 3:25 pm ¦  Forum: Malware ¦  Topic: Android Malware(All Android malware goes here) ¦  Replies: 105 ¦  Views: 192023

Old (2013.08.01) Korean targeted Android malware.

VT result
29/50 https://www.virustotal.com/en/file/a5c7 ... 390662912/

Re: Guntior bootkit (Chinese combine)

 by cjbi ¦  Sun Jul 14, 2013 9:40 am ¦  Forum: Malware ¦  Topic: Guntior bootkit (Chinese combine) ¦  Replies: 35 ¦  Views: 38292

Fresh signed Guntior (with PbBot) sample attached.

VirusTotal result(s)
ght3.exe.vir 13/47 https://www.virustotal.com/en/file/99b7 ... 373794226/

Re: Carberp source leaked

 by cjbi ¦  Tue Jun 25, 2013 5:34 pm ¦  Forum: Malware ¦  Topic: Carberp source leaked ¦  Replies: 28 ¦  Views: 43542

Expiro (file infector) related

krab\source - absource\pro\all source\Worm\

[Poll] What is your favorite hex editor?

 by cjbi ¦  Sat Jun 08, 2013 7:03 am ¦  Forum: General Discussion ¦  Topic: [Poll] What is your favorite hex editor? ¦  Replies: 11 ¦  Views: 38248

Hello, everyone.

What is your favorite hex editor?

P.S. Re-voting is disabled, so vote carefully. ;)

Re: JS/Autorun

 by cjbi ¦  Wed May 29, 2013 5:03 pm ¦  Forum: Malware ¦  Topic: JS/Autorun ¦  Replies: 2 ¦  Views: 3194

Decoded script attached.

Re: Trojan KRBanker (alias Banki)

 by cjbi ¦  Wed May 29, 2013 1:23 am ¦  Forum: Malware ¦  Topic: Trojan KRBanker (alias Banki) ¦  Replies: 5 ¦  Views: 7278

Recent sample (a5c2...edf.jpg) analysis by Symantec
South Korean Financial Companies Targeted by Castov

  • 1
  • 2
  • 3
  • 4
  • 5
  • 10