A forum for reverse engineering, OS internals and malware analysis 

Search found 72 matches


Re: Malware collection

 by Fedor22 ¦  Fri Jan 25, 2019 5:24 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 65 ¦  Views: 503587

thanks https://www.virustotal.com/en/file/97f002b5bad5077e8a8e08acf73c4815d4cbaac17979e5595f5785aeede8508a/analysis/1548431560/ https://www.virustotal.com/en/file/6fe7c4bd96c629292a7d21b4dd4bdcf69a80792be12f197d4abd1eb54b8bd65a/analysis/1548430639/ The first sample is Troldesh (Shade) ransomware. C...

Re: Malware Analyst

 by Fedor22 ¦  Sun Jan 20, 2019 9:10 pm ¦  Forum: Newbie Questions ¦  Topic: Malware Analyst ¦  Replies: 6 ¦  Views: 2124

Yep, you must have your own corporate entity and be prepared to show qualifications or credentials.
Once you understand what kind of queries you will be making, they may be willing to discuss access and pricing options.

Re: Malware collection

 by Fedor22 ¦  Sun Jan 20, 2019 6:36 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 65 ¦  Views: 503587

The second sample is just an adware bundle, which was downloaded from hxxp://disk-space.ru or something like that. In addition, it installs a bunch of unwanted software, like Mail.Ru Updates, My Web Shield, etc. Address directs to: hxxp://disk-space.ru/u/f68ab6d35d50666bdbea5bbae80cc3e5/7afac1d6a3/baza_v...

Re: CrySis Ransomware

 by Fedor22 ¦  Tue Jan 15, 2019 8:27 pm ¦  Forum: Completed Malware Requests ¦  Topic: CrySis Ransomware ¦  Replies: 1 ¦  Views: 717

Sample attached.

Re: Malware collection

 by Fedor22 ¦  Tue Jan 15, 2019 6:22 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 65 ¦  Views: 503587

Thanks a lot. https://www.virustotal.com/en/file/077bfbb56056becc2b984ee6c0eb487c02bf7c05f9e2f758655d6551e06a2736/analysis/1547574817/ USB Disk Security is not malicious, but the installer contains the Linkzb toolbar, which is why antiviruses detect this program as adware; this started with version 6.4.0.1.

Re: Malware collection

 by Fedor22 ¦  Tue Jan 15, 2019 5:44 pm ¦  Forum: Malware ¦  Topic: Malware collection ¦  Replies: 65 ¦  Views: 503587

Thanks for clean. https://www.virustotal.com/en/file/fc03e1f920d4d45b7a8b7151aab189fa6abec650cfdd34687a488414e27fac7d/analysis/1547571750/ https://www.virustotal.com/en/file/4955b59f385c9760337fd4a7582856329bba4083fbb3c8d3a6bec4add82e09d1/analysis/1547565729/ https://www.virustotal.com/en/file/cfed...

Re: ComradeCircle Ransomware

 by Fedor22 ¦  Mon Jan 14, 2019 4:07 pm ¦  Forum: Completed Malware Requests ¦  Topic: ComradeCircle Ransomware ¦  Replies: 1 ¦  Views: 597

Sample attached.

Re: PUPs & Rogue software

 by Fedor22 ¦  Sat Jan 12, 2019 7:48 pm ¦  Forum: Malware ¦  Topic: PUPs & Rogue software ¦  Replies: 17 ¦  Views: 6779

Perfect PC Cleanup Creates itself in "Program Files", changes internet settings in the registry, shows false positives and asks to buy a product after scan. Installer: MD5: ed1954e40caf59b1335893e156661fef SHA1: 37c066fcab1f704d8a5de58c3e3ce1942726e396 SHA256: b00129823975a8f54d4c4ff039817038d77690...

Re: PUPs & Rogue software

 by Fedor22 ¦  Fri Dec 14, 2018 6:40 pm ¦  Forum: Malware ¦  Topic: PUPs & Rogue software ¦  Replies: 17 ¦  Views: 6779

WiperSoft Creates itself in "Program Files" and in the scheduled tasks, shows false positives to mislead users and after that asks to buy a product. Installer: MD5: 9e3604e2f65d31c8a6a01fd3ddbecc39 SHA1: d0efc6e4a424e277239c535802d66b619bd02872 SHA256: af24fcdd574c1097cc1709c9be008fe129c7a9d0ec9690...

Re: VXDecember Request

 by Fedor22 ¦  Sun Dec 02, 2018 10:01 pm ¦  Forum: Completed Malware Requests ¦  Topic: VXDecember Request ¦  Replies: 1 ¦  Views: 906

Samples attached.
