Malware Requests, part 2

Forum for completed malware requests.
Win32:Virut
Posts: 324
Joined: Sat Jun 02, 2012 2:22 pm

Re: Malware Requests, part 2

Post by Win32:Virut » Thu Oct 25, 2012 6:29 pm

b685788ae76a9933a0f30f7e7fda84be --> edit: I have found this file _hxxp://goo.gl/vE8bq?foto=l7n.16 with redirect to _hxxp://beurer.by/images/foto_skype_10-24-2012.zip
91bdf3b326b435a248c17fbd6ad5b0bb
a8bf08e0da590be1044168e0bb248d9c
CDE611AFBAA010D6739820EF1613338F
B33AA4D492282F96F9718F619EB02E34
A0B662BC95AC11410518D87EB45379E6
8D91E58411DD254359320BEECC944ED3
4463f0a48b49d4dee7813fdf087b11a8
d35405430c0eda8fbbecdc3ea1734587
9BE65B2649CEE73BB6DF5720931CD962
ecd752e568099aa2ff2c0abac0b10d23
3f9aa109f67a09dd038fdb7e03f6c1e4
8cd03fd7cff0d98c998184fdfe2c31ed
Thanks
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1680
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Malware Requests, part 2

Post by Xylitol » Thu Oct 25, 2012 11:42 pm

Win32:Virut wrote:b685788ae76a9933a0f30f7e7fda84be --> edit: I have found this file _hxxp://goo.gl/vE8bq?foto=l7n.16 with redirect to _hxxp://beurer.by/images/foto_skype_10-24-2012.zip
91bdf3b326b435a248c17fbd6ad5b0bb
a8bf08e0da590be1044168e0bb248d9c
CDE611AFBAA010D6739820EF1613338F
B33AA4D492282F96F9718F619EB02E34
A0B662BC95AC11410518D87EB45379E6
8D91E58411DD254359320BEECC944ED3
4463f0a48b49d4dee7813fdf087b11a8
d35405430c0eda8fbbecdc3ea1734587
9BE65B2649CEE73BB6DF5720931CD962
ecd752e568099aa2ff2c0abac0b10d23
3f9aa109f67a09dd038fdb7e03f6c1e4
8cd03fd7cff0d98c998184fdfe2c31ed
Thanks
part1.zip
part2.zip
yokami wrote:MD5 : 92869c9f958b5bfddefc09d6bfc03591
thank you
aca8b2f75ef47d882b61a6907fc336cb762ab79756bebd64016a18e1bfba0d1f.zip
You do not have the required permissions to view the files attached to this post.

hnpl2011
Posts: 48
Joined: Mon Jan 24, 2011 8:53 am

Re: Malware Requests, part 2

Post by hnpl2011 » Tue Oct 30, 2012 5:02 am

i'm looking for :
- Mal/JSRedir-M
MD5:
adf8adbb1dc4a1c6e16bed3d93c1e803
1cdd30610aa54d35121dc6a6cce71f8c
- Mal/Iframe-W
MD5:
e7f6edb62284be0fad6b75c5ae56f2a3
38ddc7e31c6351f80900f05d7bd75945
- eblaster:
MD5:
910297800e9dd6157464b6e7d64a7f9a
d5037ab3b58d4263ccc99322e5de316c
d007c776b630a9ac3f7ff3c01ea8c44f

Thank for help

360Tencent
Posts: 116
Joined: Thu Dec 15, 2011 12:47 pm

Re: Malware Requests, part 2

Post by 360Tencent » Tue Oct 30, 2012 11:51 am

eblaster in attach
eblaster.zip
You do not have the required permissions to view the files attached to this post.

Win32:Virut
Posts: 324
Joined: Sat Jun 02, 2012 2:22 pm

Re: Malware Requests, part 2

Post by Win32:Virut » Wed Oct 31, 2012 8:41 pm

MD5: 0361a4ddebe9c0990f393485fb8ad903
SHA1: 29debfc5df12978d7e5b215aeaa15d894d6d5448
SHA256: 9b2e1c79f412e9beea019457813615e7637f43754320a4336be389d54061d923
https://www.virustotal.com/file/9b2e1c7 ... /analysis/

MD5: 3cc89dbe519434830b41b72e6121bc68
SHA1: 02c115aa05e1dbb10b33541dcd4352846687c220
SHA256: 274cc984b4cd70d75204f6dac27ce371cdbc66e16f41a407e49cd22e5d85a213
https://www.virustotal.com/file/274cc98 ... /analysis/

ibcritn
Posts: 1
Joined: Thu Sep 27, 2012 12:16 am

Re: Malware Requests, part 2

Post by ibcritn » Thu Nov 01, 2012 3:11 pm

I would like to request the following:
MD5: dece32561247309ddb9ad5c0d1024e56
SHA256: b3a55bcc6f88a60ca25e0a2687a6694756b91f45c6b9c82e249181ff69c93c0f
https://www.virustotal.com/file/b3a55bc ... /analysis/

Thanks in advance.

p4r4n0id
Posts: 126
Joined: Thu Sep 22, 2011 11:36 am
Location: Israel
Contact:

Re: Malware Requests, part 2

Post by p4r4n0id » Thu Nov 01, 2012 3:23 pm

Hi Guys,

Looking for the "xtreme-rat-targets-israeli-government" sample, anyone?

http://blog.trendmicro.com/trendlabs-se ... overnment/

Thx,

p4r4n0id
Keep Low. Move Fast. Kill First. Die Last. One Shot. One Kill. No Luck. Pure Skill.
http://p4r4n0id.com/

Win32:Virut
Posts: 324
Joined: Sat Jun 02, 2012 2:22 pm

Re: Malware Requests, part 2

Post by Win32:Virut » Thu Nov 01, 2012 7:22 pm

ibcritn wrote:I would like to request the following:
MD5: dece32561247309ddb9ad5c0d1024e56
SHA256: b3a55bcc6f88a60ca25e0a2687a6694756b91f45c6b9c82e249181ff69c93c0f
https://www.virustotal.com/file/b3a55bc ... /analysis/

Thanks in advance.
I know this is Ransomware:

https://twitter.com/abuse_ch/status/263940445174915072
http://t.co/cmcSA0gY
"Your computer has been hacked by the Anonymous Hackers Group and locked for the moment."
I don't have this file.
p4r4n0id wrote:Hi Guys,

Looking for the "xtreme-rat-targets-israeli-government" sample, anyone?

http://blog.trendmicro.com/trendlabs-se ... overnment/

Thx,

p4r4n0id
I have this file:
https://www.virustotal.com/file/946912b ... /analysis/

Please wait a minute, I will found it.

EDIT

Attached.
You do not have the required permissions to view the files attached to this post.

kalptarunet
Posts: 12
Joined: Sun Feb 27, 2011 2:25 pm

Re: Malware Requests, part 2

Post by kalptarunet » Thu Nov 01, 2012 11:56 pm

xtreme-rat-targets-israeli-government" sample file is corrupt, please test and upload one time please.

User avatar
Xylitol
Global Moderator
Posts: 1680
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Malware Requests, part 2

Post by Xylitol » Sat Nov 03, 2012 8:28 am

Win32:Virut wrote:MD5: 0361a4ddebe9c0990f393485fb8ad903
SHA1: 29debfc5df12978d7e5b215aeaa15d894d6d5448
SHA256: 9b2e1c79f412e9beea019457813615e7637f43754320a4336be389d54061d923
https://www.virustotal.com/file/9b2e1c7 ... /analysis/

MD5: 3cc89dbe519434830b41b72e6121bc68
SHA1: 02c115aa05e1dbb10b33541dcd4352846687c220
SHA256: 274cc984b4cd70d75204f6dac27ce371cdbc66e16f41a407e49cd22e5d85a213
https://www.virustotal.com/file/274cc98 ... /analysis/
reviewAntivirus.zip
ibcritn wrote:I would like to request the following:
MD5: dece32561247309ddb9ad5c0d1024e56
SHA256: b3a55bcc6f88a60ca25e0a2687a6694756b91f45c6b9c82e249181ff69c93c0f
https://www.virustotal.com/file/b3a55bc ... /analysis/

Thanks in advance.
ibcritn.zip
hnpl2011 wrote:i'm looking for :
- Mal/JSRedir-M
MD5:
adf8adbb1dc4a1c6e16bed3d93c1e803
1cdd30610aa54d35121dc6a6cce71f8c
- Mal/Iframe-W
MD5:
e7f6edb62284be0fad6b75c5ae56f2a3
38ddc7e31c6351f80900f05d7bd75945
- eblaster:
MD5:
910297800e9dd6157464b6e7d64a7f9a
d5037ab3b58d4263ccc99322e5de316c
d007c776b630a9ac3f7ff3c01ea8c44f

Thank for help
hnpl2011.zip
You do not have the required permissions to view the files attached to this post.

Locked