A forum for reverse engineering, OS internals and malware analysis 

Search found 163 matches


Re: Locky ransomware

 by rough_spear ¦  Wed Mar 23, 2016 9:57 pm ¦  Forum: Malware ¦  Topic: Locky ransomware ¦  Replies: 142 ¦  Views: 204055

Hi,

2 more Locky executables.

MD5 -
74A9930BC7F9065C803A539B8F8039A5
ACD788E3631943E41412C7A0D657AB67

rough_spear ;)

Re: Locky ransomware

 by rough_spear ¦  Wed Mar 23, 2016 9:18 pm ¦  Forum: Malware ¦  Topic: Locky ransomware ¦  Replies: 142 ¦  Views: 204055

Hi All,

Latest Locky executable file.

MD5 - 5EE9739AEFBEA668149C2F6EA18D1CF0

Regards,

rough_spear.

Re: Locky ransomware

 by rough_spear ¦  Wed Mar 23, 2016 8:55 pm ¦  Forum: Malware ¦  Topic: Locky ransomware ¦  Replies: 142 ¦  Views: 204055

Hi,

New Locky downloader JavaScript files.

MD5 -
404D957F0413499957A7879A7D40B3ED
88F54321A8C5855F43E63CBF43276288
898BCDB79D6237CD82751326D5EDFB98
C8275423812E439CE9C1496E1281FE74

Regards,

rough_spear.

Re: ransomwaretracker abuse.ch

 by rough_spear ¦  Sun Mar 20, 2016 6:27 pm ¦  Forum: Malware ¦  Topic: ransomwaretracker abuse.ch ¦  Replies: 1 ¦  Views: 3202

Hi,

Use the URLs below to download the URL list files.

Ransomware URL Blocklist-

https://ransomwaretracker.abuse.ch/down ... _URLBL.txt

Locky Ransomware Distribution Site URL blocklist -

https://ransomwaretracker.abuse.ch/down ... _URLBL.txt

Regards,

rough_spear.

Re: TeslaCrypt ransomware

 by rough_spear ¦  Sun Mar 20, 2016 6:11 pm ¦  Forum: Malware ¦  Topic: TeslaCrypt ransomware ¦  Replies: 58 ¦  Views: 90244

Hi,

Teslacrypt malware executable.

MD5 - 280D48953880C4A27DF69957916F718F

Regards,

rough_spear.

Re: Locky ransomware

 by rough_spear ¦  Sun Mar 20, 2016 6:06 pm ¦  Forum: Malware ¦  Topic: Locky ransomware ¦  Replies: 142 ¦  Views: 204055

Hi All,

4 Locky executables and 2 Locky executable downloader JavaScript files.

Executables MD5 -
6A83A846244DDB4203902127294FD995
1B37144A47DDD8FDE54DE5DD9621DF59
13174317A9ACD10F244A6B87475C4866
828521AECC96D57A4FDB372E74737FEF

JavaScript MD5 -
638CC728994F0A95BAEFBF852D63AF8D
804E355B1C8C2F658C1619268...

Re: Win32/Caphaw (Shylock)

 by rough_spear ¦  Mon Dec 16, 2013 4:10 pm ¦  Forum: Malware ¦  Topic: Win32/Caphaw (Shylock) ¦  Replies: 46 ¦  Views: 53400

Hi All,

3 files with very low detection.

List of MD5 -

0172495303FC362C37110CC769942A07
VT link - https://www.virustotal.com/en/file/f60f8e55879c8885178154411f1e60fbd6a19d63f90b46f43295c1a63abcad67/analysis/

59AC4EDAB4AB25813C91C5200587EEC1
VT link - https://www.virustotal.com/en/file/7a98af6b50d06d...

Re: Ursnif - New Blackhole spreading malware

 by rough_spear ¦  Sun Dec 01, 2013 5:36 pm ¦  Forum: Malware ¦  Topic: WinNT/Ursnif (alias ISFB/Gozi) ¦  Replies: 50 ¦  Views: 68496

Hi All,

64 Bit Ursnif - low detection.

MD5 - 46DB4791C35D6C83862E2712CF411C3F

VT link - https://www.virustotal.com/en/file/0d29 ... /analysis/


Regards,

rough_spear. ;)

CVE-2013-5065

 by rough_spear ¦  Fri Nov 29, 2013 5:34 am ¦  Forum: Completed Malware Requests ¦  Topic: CVE-2013-5065 ¦  Replies: 1 ¦  Views: 2175

Hi All,

Can anybody share the following malware?

SHA256: 91fa33cb02c4631c32b7ab9775dfbb5f77cfb4e50d4b97f30a895a2e3bc003ec

VT link - https://www.virustotal.com/en/file/91fa33cb02c4631c32b7ab9775dfbb5f77cfb4e50d4b97f30a895a2e3bc003ec/analysis/

FireEye article - http://www.fireeye.com/blog/technical/cyber...

Re: CryptoLocker (Trojan:Win32/Crilock.A)

 by rough_spear ¦  Tue Oct 08, 2013 6:08 am ¦  Forum: Malware ¦  Topic: CryptoLocker (Trojan:Win32/Crilock.A) ¦  Replies: 118 ¦  Views: 206195

Hi All,

Here is the download link.

hxxp://feyrckkwwjymeo.org/1002.exe

Dropper collected today, low detection on VT (1/47 as of this post)

SHA256: 2163570f047cefc466c0ca370e56b6fbb770c4f71603b2353c1b6fd8e482ced8
SHA1: a4c60f419c5aa760db9904a59c8d79fce2636d68
MD5: 0204332754da5975b6947294b2d64c92
Detec...
