A forum for reverse engineering, OS internals and malware analysis 

Search found 163 matches


Re: Carberp source leaked

 by rough_spear ¦  Sat Jun 29, 2013 7:57 pm ¦  Forum: Malware ¦  Topic: Carberp source leaked ¦  Replies: 28 ¦  Views: 44803

frame4-mdpro wrote:"Kj1#w2*LadiOQpw3oi029)K Oa(28)uspeh"

It says wrong password :evil:

Re: Win32/Zeus (alias Zbot)

 by rough_spear ¦  Sun Jun 09, 2013 1:58 pm ¦  Forum: Malware ¦  Topic: Win32/Zeus (alias Zbot) ¦  Replies: 281 ¦  Views: 366147

Hi All, :D

Five Zbot samples.

MD5 list:

Regards,

rough_spear.

Re: Rogue Antimalware (FakeAV, 2013 year)

 by rough_spear ¦  Sat Jun 08, 2013 12:23 pm ¦  Forum: Malware ¦  Topic: Rogue Antimalware (FakeAV, 2013 year) ¦  Replies: 142 ¦  Views: 221034

SYSTEM DOCTOR 2014

MD5 - 6110AAEF222DE2F5715B84505D1197C4

VT link - http://www.virustotal.com/file/b9c2d9f4 ... 370693251/

Regards,

rough_spear. ;)

Re: Win32/Ramnit

 by rough_spear ¦  Fri Jun 07, 2013 6:41 am ¦  Forum: Malware ¦  Topic: Win32/Ramnit ¦  Replies: 96 ¦  Views: 158702

Hi All, :D

Here is a Ramnit dropper.

MD5 - 6285bda905138b3f97c33198c7376104

VT link - https://www.virustotal.com/en/file/3866 ... 370586565/

Regards,


rough_spear. :)

Re: Win32/Cutwail

 by rough_spear ¦  Sat Jun 01, 2013 5:15 am ¦  Forum: Malware ¦  Topic: Win32/Cutwail ¦  Replies: 33 ¦  Views: 44014

Hi All, two more Cutwail samples. MD5 - 357423154CF2DEB27CEA8219633158CA https://www.virustotal.com/en/file/14ae31511d66c143be7df6b9f6a55fc62f11bbf5a609632fe6ec2f014dd9be41/analysis/ MD5 - F76D105EAF3E29CCF817EB5E0D83A221 https://www.virustotal.com/en/file/c5dfdc32391dba0116eb3d5d415b005e850286b97f...

Re: Win32/Cutwail

 by rough_spear ¦  Tue May 28, 2013 5:27 am ¦  Forum: Malware ¦  Topic: Win32/Cutwail ¦  Replies: 33 ¦  Views: 44014

Hi All, two more Cutwail samples. MD5 - 357423154CF2DEB27CEA8219633158CA https://www.virustotal.com/en/file/14ae31511d66c143be7df6b9f6a55fc62f11bbf5a609632fe6ec2f014dd9be41/analysis/ MD5 - F76D105EAF3E29CCF817EB5E0D83A221 https://www.virustotal.com/en/file/c5dfdc32391dba0116eb3d5d415b005e850286b97f5...

Re: Win32/Zeus (alias Zbot)

 by rough_spear ¦  Sun May 26, 2013 3:52 pm ¦  Forum: Malware ¦  Topic: Win32/Zeus (alias Zbot) ¦  Replies: 281 ¦  Views: 366147

Hi All, Zbot goes crazy, logs off the user immediately after login. I think something is broken while building this binary. VT Link - https://www.virustotal.com/en/file/77625295c1c7f175a82deb2b651a2da84682671a8576e8e677206e4b809292c3/analysis/ MD5 - a5874bba22985e52351e58bded1d0197 Regards, rough_...

Re: RAT (Remote Access Tool)

 by rough_spear ¦  Mon Apr 15, 2013 4:32 pm ¦  Forum: Malware ¦  Topic: RAT (Remote Access Tool) ¦  Replies: 34 ¦  Views: 41878

Hi All, :D

Here is one more RAT tool called Poison Ivy.

Version is 2.3.2.

Regards,

rough_spear. ;)

Re: RAT (Remote Access Tool)

 by rough_spear ¦  Mon Apr 15, 2013 4:08 pm ¦  Forum: Malware ¦  Topic: RAT (Remote Access Tool) ¦  Replies: 34 ¦  Views: 41878

Hi All, :D

Here is another RAT tool called Bifrost 1.2.1d

VT shows wide detection among almost all AVs.

Regards,

rough_spear. ;)

Re: RAT (Remote Access Tool)

 by rough_spear ¦  Sat Apr 13, 2013 6:57 pm ¦  Forum: Malware ¦  Topic: RAT (Remote Access Tool) ¦  Replies: 34 ¦  Views: 41878

Hi All, :D

Dark Comet RAT 5.3.2

It is in three parts due to the single file size limitation on attachments.

Rename the files to File_name.7z.001 and so on as per the part no.

Regards,

rough_spear. ;)
