Popureb rootkit - Page 3 - KernelMode.info

Re: Popureb rootkit

#14804 by dumb110
Sun Jul 22, 2012 8:44 am

https://www.virustotal.com/file/90cde9a ... 342946550/

anybody has this one??

I am not at my place..currently..so i cant get it..

thanks!

Username

dumb110

Posts

111

Joined

Tue Jun 05, 2012 1:29 pm

Re: Popureb rootkit

#14807 by Xylitol
Sun Jul 22, 2012 10:04 am

dumb110 wrote:https://www.virustotal.com/file/90cde9a ... 342946550/

anybody has this one??

I am not at my place..currently..so i cant get it..

thanks!

Attachments

90cde9a5a0bab0ba6129c1177f82eed6f18b8b2c9b3f90bef0a09fea5ffa570a.zip

infected
(10.62 KiB) Downloaded 84 times

Registration Problems and FAQ - Rules For Malware Requests

Username

Xylitol

Rank

Global Moderator

Posts

1706

Joined

Sat Apr 10, 2010 5:54 pm

Location

Seireitei, Soul Society

Contact

Re: Popureb rootkit

#14812 by dumb110
Sun Jul 22, 2012 11:13 am

thank you! :)

Username

dumb110

Posts

111

Joined

Tue Jun 05, 2012 1:29 pm

Re: Popureb rootkit

#14915 by Aleksandra
Sun Jul 29, 2012 8:10 pm

_http://211.110.10.76:8080

MD5: b40981b60bdea63dec30052db5e8d36c
SHA1: 2e0c2c320c17e7bd92d14880e2dffa01726ed3d5
https://www.virustotal.com/file/38aec11 ... /analysis/

Attachments

b40981b60bdea63dec30052db5e8d36c.zip

pass: virus
(95.62 KiB) Downloaded 80 times

Username

Aleksandra

Posts

79

Joined

Sun Jun 05, 2011 9:34 pm

Re: Popureb rootkit

#16463 by cjbi
Mon Nov 05, 2012 11:33 pm

Fresh Popureb bootkit dropper.
Obvious Korean targeted malware is obvious.

hxxp://126.15.181.20/8080/stup.exe

VirusTotal result(s)
Dropper VT 32/44 https://www.virustotal.com/file/86d2682cd6e5e636d6e9ecab0543cb8e2b4960879ea8444b3017da7a29cb5922/analysis/1352157036/
Driver VT 28/43 https://www.virustotal.com/file/7d8fdc080a7cb44992ee8bc59d41dba9c831343a6d14fd0a794191e0c9388b0f/analysis/1352158193/

Attachments

stup.exe.zip

pass: infected
(57.55 KiB) Downloaded 91 times

Username

cjbi

Posts

92

Joined

Sun Mar 14, 2010 7:16 am