Page 1 of 1

Linux/LuaBot

PostPosted:Wed Sep 07, 2016 7:22 am
by ner0x652
"Malware Must Die" released a great analysis on a new Linux bot, written in Lua.

http://blog.malwaremustdie.org/2016/09/ ... uabot.html

Re: Linux/LuaBot

PostPosted:Wed Sep 07, 2016 8:08 am
by Xylitol

Re: Linux/LuaBot

PostPosted:Fri Sep 16, 2016 3:12 pm
by Ludvig
i unpacked lua script.

sign gzip )
Code: Select all
.00102018:  1F 8B 08 00-4E BD AC 57-00 03 AC 3C-6B 73 E3 46

Re: Linux/LuaBot

PostPosted:Sun Sep 18, 2016 11:36 pm
by Xylitol
LuaBot: Malware targeting cable modems ~ https://w00tsec.blogspot.com/2016/09/lu ... odems.html

Re: Linux/LuaBot

PostPosted:Sat May 19, 2018 10:35 am
by XHR
This bot has evolved a lot since, does anyone have a fresh samples?

Report: https://vms.drweb.com/virus/?_is=2&i=15330288
Sandbox: https://detux.org/report.php?sha256=948 ... aa60c1f345

Re: Linux/LuaBot

PostPosted:Sun May 20, 2018 5:50 pm
by Xylitol
Files from dr.web article you mentioned

Re: Linux/LuaBot

PostPosted:Sat Jun 23, 2018 11:22 pm
by XHR
Thank you very much Xylitol, any chance to obtain these samples?
Code: Select all
5deb17c660de9d449675ab32048756ed
c867d00e4ed65a4ae91ee65ee00271c7
4b8c0ec8b36c6bf679b3afcc6f54442a
889100a188a42369fd93e7010f7c654b
061b03f8911c41ad18f417223840bce0

Re: Linux/LuaBot

PostPosted:Sun Jun 24, 2018 1:01 am
by Xylitol
voila