A forum for reverse engineering, OS internals and malware analysis 

Search found 45 matches


Re: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader)

 by K_Mikhail ¦  Tue Jan 28, 2014 7:05 pm ¦  Forum: Malware ¦  Topic: WinNT/Rovnix (alias Mayachok, Cidox, BkLoader) ¦  Replies: 83 ¦  Views: 119267

VBR Infectors - TrojanDropper:Win32/Rovnix.J (Microsoft) Droppers: https://www.virustotal.com/ru/file/3112e4e96d9a1308c93061e070172f81b92c03231b71b6ca02de06fae163fa72/analysis/ https://www.virustotal.com/ru/file/49014d90f42881140256dc8d8a629d2a110656c0931f98e032b1b313da70a7e1/analysis/ https://www.v...

Re: Virus:WinNT/Expiro

 by K_Mikhail ¦  Mon Jan 13, 2014 11:35 am ¦  Forum: Malware ¦  Topic: Virus:WinNT/Expiro ¦  Replies: 15 ¦  Views: 16830

MD5: 5480a495f5d99299c6f3dce529e348c0

https://www.virustotal.com/ru/file/8c8d ... 389612625/

Re: Win32/Atrax

 by K_Mikhail ¦  Thu Dec 12, 2013 1:22 pm ¦  Forum: Malware ¦  Topic: Win32/Atrax ¦  Replies: 29 ¦  Views: 22030

31.220.3.68/www/StealerDllx86.dll_raw (XOR, key b1)

dexored file: https://www.virustotal.com/ru/file/8b58 ... 386849797/

Re: Virus:WinNT/Expiro

 by K_Mikhail ¦  Tue Aug 20, 2013 7:13 pm ¦  Forum: Malware ¦  Topic: Virus:WinNT/Expiro ¦  Replies: 15 ¦  Views: 16830

hxxp:// walzpainting.com / gaz.exe from Malc0de links (infected \drwtsn32.exe)

https://www.virustotal.com/ru/file/16bb ... 377021758/

Aduska bootkit (Whistler based)

 by K_Mikhail ¦  Sat Feb 02, 2013 12:26 pm ¦  Forum: Malware ¦  Topic: Aduska bootkit (Whistler based) ¦  Replies: 6 ¦  Views: 9806

Dropper: https://www.virustotal.com/file/80c061319dd5b3fbac1268974779193f4c00313262d8bf77c0f309685afe1eb4/analysis/ Dropped driver: https://www.virustotal.com/file/99986335621cc621035e6556d06e764ee954b430bf3aac42311396f0cee7a44e/analysis/ Infected boot: https://www.virustotal.com/file/431799ad16180c...