A forum for reverse engineering, OS internals and malware analysis 

Search found 75 matches


Re: Malware collection

 by Fedor22 ¦  Sat Feb 02, 2019 3:38 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

ikolor wrote: Sat Feb 02, 2019 1:55 pm I don't know .

https://www.virustotal.com/en/file/d2e1 ... 549115491/

http://mywedphoto.ru/
I didn't find anything malicious here. It's just a false positive, not malware.

Re: Malware collection

 by Fedor22 ¦  Wed Jan 30, 2019 3:50 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

Thanks buddy . https://www.virustotal.com/en/file/f0fdbf09d4a6f7301af1d687916cae133ed2265d9eb4cb73ec76edb1440e45cd/analysis/1548862087/ Emotet downloader. Downloads exe from: hxxp://www.vario-reducer.com/wp-content/bGkoUUavZySGn hxxp://mail.saglikpersoneli.net/sohft/PTYGsf41Witt_k Connects to CnC s...

Re: Malware collection

 by Fedor22 ¦  Tue Jan 29, 2019 2:39 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

some file. https://www.virustotal.com/en/file/713294034922f6e9120497d4a06f0179b3141fc5cd1a56cfaa01ee33fd6319e1/analysis/ Emotet downloader. Downloads exe from: hxxp://koltukasistani.com/MQKx5tquZSaKOS_jjd5iV3ms hxxp://karnatakajudo.org/Fr7JEg3XCtx Connects to CnC server: hxxp://134.249.116.78/index...

Re: Malware collection

 by Fedor22 ¦  Fri Jan 25, 2019 5:24 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

thanks https://www.virustotal.com/en/file/97f002b5bad5077e8a8e08acf73c4815d4cbaac17979e5595f5785aeede8508a/analysis/1548431560/ https://www.virustotal.com/en/file/6fe7c4bd96c629292a7d21b4dd4bdcf69a80792be12f197d4abd1eb54b8bd65a/analysis/1548430639/ The first sample is Troldesh (Shade) ransomware. C...

Re: Malware Analyst

 by Fedor22 ¦  Sun Jan 20, 2019 9:10 pm ¦  Forum: Newbie Questions ¦  Topic: Malware Analyst ¦  Replies: 6 ¦  Views: 2493

Yep, you must have your own corporate entity and be prepared to show qualifications or credentials.
Once you understand what kind of queries you will be making, they may be willing to discuss access and pricing options.

Re: Malware collection

 by Fedor22 ¦  Sun Jan 20, 2019 6:36 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

The second sample is just an adware bundle, which is downloaded from hxxp://disk-space.ru or something like that. In addition, it installs a bunch of unwanted software, like Mail.Ru Updates, My Web Shield, etc. Address directs to: hxxp://disk-space.ru/u/f68ab6d35d50666bdbea5bbae80cc3e5/7afac1d6a3/baza_v...

Re: CrySis Ransomware

 by Fedor22 ¦  Tue Jan 15, 2019 8:27 pm ¦  Forum: Completed Malware Requests ¦  Topic: CrySis Ransomware ¦  Replies: 1 ¦  Views: 800

Sample attached.

Re: Malware collection

 by Fedor22 ¦  Tue Jan 15, 2019 6:22 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

Thank you a lot. https://www.virustotal.com/en/file/077bfbb56056becc2b984ee6c0eb487c02bf7c05f9e2f758655d6551e06a2736/analysis/1547574817/ USB Disk Security is not malicious, but the installer contains the Linkzb toolbar, which is why antiviruses detect this program as adware; this started from version 6.4.0.1.

Re: Malware collection

 by Fedor22 ¦  Tue Jan 15, 2019 5:44 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 68 ¦  Views: 506906

Thanks for clean. https://www.virustotal.com/en/file/fc03e1f920d4d45b7a8b7151aab189fa6abec650cfdd34687a488414e27fac7d/analysis/1547571750/ https://www.virustotal.com/en/file/4955b59f385c9760337fd4a7582856329bba4083fbb3c8d3a6bec4add82e09d1/analysis/1547565729/ https://www.virustotal.com/en/file/cfed...

Re: ComradeCircle Ransomware

 by Fedor22 ¦  Mon Jan 14, 2019 4:07 pm ¦  Forum: Completed Malware Requests ¦  Topic: ComradeCircle Ransomware ¦  Replies: 1 ¦  Views: 666

Sample attached.
