MDL wrote in Twitter that it discovered new Sinowal activity after some weeks of silence. Domain names are probably being generated again.
A forum for reverse engineering, OS internals and malware analysis
Attachments
pass: virus
(43.03 KiB) Downloaded 85 times
(43.03 KiB) Downloaded 85 times
There are Sinowal's more and more. Was caught over 15 droppers at last two days.
rkhunter wrote:There are Sinowal's more and more. Was caught over 15 droppers at last two days.Please attach your samples.
Aleksandra wrote:rkhunter wrote:There are Sinowal's more and more. Was caught over 15 droppers at last two days.Please attach your samples.
Attachments
pass:malware
(435 KiB) Downloaded 108 times
(435 KiB) Downloaded 108 times
Hi all!
First of all, I wish an happy new year to everyone here.
Second, and more important thing is this: http://www.aall86.altervista.org/files/ ... alysis.pdf
Take a glance of it, it's an analysis of last Sinowal I found, and tell me what do you think about...
Unfortunately I lost that damn payload in some VM I use for analysis. Let me know if someone has the exact payload of my analysis please...
Regards,
Andrea
First of all, I wish an happy new year to everyone here.
Second, and more important thing is this: http://www.aall86.altervista.org/files/ ... alysis.pdf
Take a glance of it, it's an analysis of last Sinowal I found, and tell me what do you think about...
Unfortunately I lost that damn payload in some VM I use for analysis. Let me know if someone has the exact payload of my analysis please...
Regards,
Andrea
http://www.threatexpert.com/reports.asp ... &x=12&y=13
:(
Ill see if I can find the originals I sent yall, not sure where I put them.
Cheers,
MJ
:(
Ill see if I can find the originals I sent yall, not sure where I put them.
Cheers,
MJ
Arrogance led me to my Ignorance
28 fresh samples
Attachments
pass: infected
(979.44 KiB) Downloaded 110 times
(979.44 KiB) Downloaded 110 times
35 fresh samples
Attachments
pass:infected
(2.31 MiB) Downloaded 147 times
(2.31 MiB) Downloaded 147 times