A forum for reverse engineering, OS internals and malware analysis 

Search found 45 matches

Linux.CyberEurope

 by K_Mikhail ¦  Tue Sep 06, 2016 12:42 pm ¦  Forum: Malware ¦  Topic: Linux.CyberEurope ¦  Replies: 7 ¦  Views: 12292

Something new: https://www.virustotal.com/en/file/47de ... /analysis/

[drweb.com #7192274]: Added Linux.CyberEurope.1

IRONGATE ICS Malware (FireEye blog)

 by K_Mikhail ¦  Fri Jun 03, 2016 9:25 pm ¦  Forum: Malware ¦  Topic: IRONGATE ICS Malware (FireEye blog) ¦  Replies: 3 ¦  Views: 5495

"IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems" : https://www.fireeye.com/blog/threat-res ... lware.html

Linux/TheMoon

 by K_Mikhail ¦  Mon Jan 25, 2016 5:52 pm ¦  Forum: Malware ¦  Topic: Linux/TheMoon ¦  Replies: 2 ¦  Views: 4129

Threat Actors Use Sketchy Dating Website to Launch New Home Router Attacks: https://www.damballa.com/threat-actors-use-sketchy-dating-website-to-launch-new-home-router-attacks/

Hashes from article: 2b82c715c2f1480b57e59bd7c55ef32db312e008 c05bd53f91032f2c8cae509477d760537f014621 9b22373e8cd7c6b087ca...

Re: Linux/Mayhem

 by K_Mikhail ¦  Tue Nov 24, 2015 9:52 pm ¦  Forum: Malware ¦  Topic: Linux/Mayhem ¦  Replies: 26 ¦  Views: 60484

9a502f12eff9526cc0e68afd01c090cb53d947fe: https://www.virustotal.com/ru/file/d935 ... 448401640/

Found on _http://www.ultralast.net/lib32/

Re: Linux/FileCoder (Linux.Encoder)

 by K_Mikhail ¦  Tue Nov 24, 2015 11:15 am ¦  Forum: Malware ¦  Topic: Linux/FileCoder (Linux.Encoder) ¦  Replies: 18 ¦  Views: 52152

Linux.Encoder.2: https://news.drweb.com/show/?i=9709&lng=en&c=14

Re: Linux/Mayhem

 by K_Mikhail ¦  Fri Nov 20, 2015 12:17 am ¦  Forum: Malware ¦  Topic: Linux/Mayhem ¦  Replies: 26 ¦  Views: 60484

Re: Linux/Mayhem

 by K_Mikhail ¦  Fri Nov 06, 2015 8:24 pm ¦  Forum: Malware ¦  Topic: Linux/Mayhem ¦  Replies: 26 ¦  Views: 60484

Seems to be Mayhem brute-forcer tool. Found on _http://modelmystique.com/

Detection ratio: 0/54: https://www.virustotal.com/ru/file/3f9d ... 446841359/

Linux.BackDoor.Dklkt

 by K_Mikhail ¦  Sun Jul 26, 2015 7:45 am ¦  Forum: Malware ¦  Topic: Linux.BackDoor.Dklkt ¦  Replies: 1 ¦  Views: 4428

Re: Linux/Mayhem

 by K_Mikhail ¦  Thu Jul 16, 2015 4:30 pm ¦  Forum: Malware ¦  Topic: Linux/Mayhem ¦  Replies: 26 ¦  Views: 60484

5bbdecf6844ded06e88c4d9e89ae19d3 (bruteforce.so)
77f48245b2b1b99e4da685902c28aa64 (crawler.so)

Re: Linux/Mayhem

 by K_Mikhail ¦  Sat Jan 17, 2015 3:34 pm ¦  Forum: Malware ¦  Topic: Linux/Mayhem ¦  Replies: 26 ¦  Views: 60484

Possibly, fresh:
541bfccc1c1980e062c0a3df30a2cd6c
a138999e7a0b22f9ea59d199ebae3d11