A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #4670  by EP_X0FF
 Sun Jan 23, 2011 3:16 pm
markusg wrote:
 http://hotfile.com/dl/98465442/97de0e5/Best.exe.html
I normally would send a message to Hotfile, but cannot read the code I have to insert, so if somebody would like to alert Hotfile about this file, it would be nice.
http://www.virustotal.com/file-scan/rep ... 1295793493
HD Doctor Rogue.

posts moved.
 #4902  by EP_X0FF
 Sun Feb 06, 2011 5:03 am
btw, there is indeed a payload file inside :)

Inside the overlay is a 7zip archive (encrypted with AES-256); this Delphi 2010 GUI app simply passes the entered password to the 7zip unpacker module.
It is something called avast.exe, 293176 bytes in length. Somebody can try to brute-force :)
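The overlay layout described in the post above can be checked statically. The following is an added example, not part of the original thread: it computes where a PE file's section data ends and looks for a 7z signature header in the bytes after it. The function names and the sample file built in `build_sample` are constructed for illustration.

```python
import struct

SEVENZ_MAGIC = b"7z\xbc\xaf\x27\x1c"  # magic at the start of a 7z signature header

def overlay_offset(data: bytes) -> int:
    """File offset where section raw data ends and the overlay begins."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size           # first section header
    end = table + 40 * num_sections            # headers alone are the lower bound
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at +16 and +20 in each header
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        if raw_size:
            end = max(end, raw_ptr + raw_size)
    return min(end, len(data))

def find_7z_in_overlay(data: bytes):
    """Return overlay/archive offsets and 7z format version, or None."""
    start = overlay_offset(data)
    pos = data.find(SEVENZ_MAGIC, start)
    if pos < 0 or pos + 32 > len(data):        # signature header is 32 bytes
        return None
    return {"overlay": start, "archive": pos,
            "version": (data[pos + 6], data[pos + 7])}

def build_sample() -> bytes:
    """Constructed input: one-section PE skeleton, 4 junk bytes, then a 7z header."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = b".text\0\0\0" + struct.pack("<IIII", 0x10, 0x1000, 0x10, 0x80) + b"\0" * 16
    body = b"\x90" * 0x10
    overlay = b"JUNK" + SEVENZ_MAGIC + b"\x00\x04" + b"\0" * 24
    return dos + coff + sect + body + overlay

if __name__ == "__main__":
    print(find_7z_in_overlay(build_sample()))
```

An Authenticode signature, when present, also lives past the last section, so a non-empty overlay alone is not a finding; the 7z magic inside it is what matches the description in the post.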
 #5387  by Xylitol
 Wed Mar 09, 2011 11:21 pm
Winrar hoaxSMS Again

locs: hXXp://dl25.rapidsharasmquc.co.cc/uploads/newlinks/e0/nt10/vps/bsd/d46796881/tf11627/s0/avbox_dt-800.rar.exe
hXXp://dl.stimulfzall.com/a3/p5/size5137408/Soznanie,%20mozg,%20iskusstvenniy%20intellekt%20D.%20I.%20Dubrovskiy.zip.exe_1040431-.zip.exe

http://www.virustotal.com/file-scan/rep ... 1299713712
http://www.virustotal.com/file-scan/rep ... 1299713535
 #5792  by Xylitol
 Fri Apr 01, 2011 6:45 pm
Last edited by EP_X0FF on Sat Apr 16, 2011 7:56 am, edited 1 time in total. Reason: Title edited
 #5818  by Xylitol
 Tue Apr 05, 2011 1:55 pm
findvirus.ru: HoaxSMS Fake installers - BitDefender/Avast/Avira/Dr.Web/Mcafee/Norton Fake products

The man who created this uses zipmonster.ru, a known website for this type of thing.
The customer support of zipmonster.ru is: zip-help.com

Code to send: 76633399892169157
Code to send: 76633399594169160
Code to send: 76633399899169103
Code to send: 76633399890169135
Code to send: 76633399534169088
Code to send: 76633399723169208
Code to send: 76633399039169173
Code to send: 76633399092169126

If you want to download an antivirus, make sure you are on the official website.