A forum for reverse engineering, OS internals and malware analysis 

Malware Requests, part 2

Forum for completed malware requests.
 Topic locked

Re: Malware Requests, part 2

 #14912  by STRELiTZIA
 Sun Jul 29, 2012 2:29 pm
dumb110 wrote:are the samples here corrupted?? : http://www.kernelmode.info/forum/viewto ... 140#p14897
Try like this:
316b61e1b06c08926b82fc19ff5b0119e4f08a264ded76b1eaedab024be4ef76.doc
password is: 0706

a0dea7b1e8caae760f0f664ac7b9187c66f93ac1c504f6e54564e594c6243618.xls
password is: 1933

dff871b5df358dd4e290a34e8f1a77e2cb45bb49d0e3b539eee48245fef2f043.xls
password is: 1959

Re: Malware Requests, part 2

 #14977  by rough_spear
 Thu Aug 02, 2012 8:39 am
Hi All, :)

Can I have following samples.The list of MD5 are given below.

SFX 7Z

86fc04550c2a6da0c5ca9a95c50a07e0
6fc04550c2a6da0c5ca9a95c50a07e0
51E0A8F002CCA32D85C14ACB59B2DEAA
E06A85659B970A71ED78FBFD5EF232FD
F0131569ED3502FA660A478CC9E9BE6D
98ADB93A92D72721760889C0FD1C9829
80B8ADD05B94F0A2B43824C12978E6FC
80B8ADD05B94F0A2B43824C12978E6FC
b35228d463d62f154661d99b22d14866

Wise Installer

5926C298509C9C6EA8BBF9AB6FBDDD41

SWF EXE

06694282704FCB9DBEC264A9145EAC87
6A0CA5E661B1041CEF042097FD55BF1E
5BA8FFA63612F45E6ADC68F7F63B76E1
9AB0C5319D51E8579C16B9D50E213732
FD85F067ECFBDACD28A1157A4983F503
FC8606FC53CAFDD915A98CED884B1BC4
1973C4A2FD6864F31C397DC9BE2023A2
DD310BD5B00526B2824F9FB86BAB1216
965defd393746ceaaf7de06412312092

Smart Install

503f9f10f551d697766a1e5ca451222c

Swc2Exe CWS

93C5F67467DFBED63F651E8A4ED9EEBB
8d1249c0c4fc27886c5a806a27e12422
8d1249c0c4fc27886c5a806a27e1b2d7

Thanks in advance.

Regarad,


rough_spear.

Re: Malware Requests, part 2

 #14979  by Xylitol
 Thu Aug 02, 2012 9:34 am
rough_spear wrote:Hi All, :)

Can I have following samples.The list of MD5 are given below.

SFX 7Z

86fc04550c2a6da0c5ca9a95c50a07e0
6fc04550c2a6da0c5ca9a95c50a07e0
51E0A8F002CCA32D85C14ACB59B2DEAA
E06A85659B970A71ED78FBFD5EF232FD
F0131569ED3502FA660A478CC9E9BE6D
98ADB93A92D72721760889C0FD1C9829
80B8ADD05B94F0A2B43824C12978E6FC
80B8ADD05B94F0A2B43824C12978E6FC
b35228d463d62f154661d99b22d14866

Wise Installer

5926C298509C9C6EA8BBF9AB6FBDDD41

SWF EXE

06694282704FCB9DBEC264A9145EAC87
6A0CA5E661B1041CEF042097FD55BF1E
5BA8FFA63612F45E6ADC68F7F63B76E1
9AB0C5319D51E8579C16B9D50E213732
FD85F067ECFBDACD28A1157A4983F503
FC8606FC53CAFDD915A98CED884B1BC4
1973C4A2FD6864F31C397DC9BE2023A2
DD310BD5B00526B2824F9FB86BAB1216
965defd393746ceaaf7de06412312092

Smart Install

503f9f10f551d697766a1e5ca451222c

Swc2Exe CWS

93C5F67467DFBED63F651E8A4ED9EEBB
8d1249c0c4fc27886c5a806a27e12422
8d1249c0c4fc27886c5a806a27e1b2d7

Thanks in advance.

Regarad,


rough_spear.
some files are missing.
Attachments
infected
(1.79 MiB) Downloaded 71 times
infected
(4.14 MiB) Downloaded 61 times
infected
(3.38 MiB) Downloaded 71 times

Re: Malware Requests, part 2

 #14992  by Flamef
 Thu Aug 02, 2012 10:03 pm
I am looking for :
It's a Win32/Dofoil variant,Ransomware.
MD5:47F2B8FCC2873F4DFD573B0E8A77AAA9
Can you attach the UNPACKED version,as i have no idea how to unpack custom packed viruses?
Thanks in advance.

Re: Malware Requests, part 2

 #14994  by hnpl2011
 Fri Aug 03, 2012 3:38 am
I'm looking for:
Downloader.Dromedan
9c634f3a23f107b3419869dd0fd304d4
c2618a002853e9266a4a3a1f9e7cd957
68ba056383902942adadf1b80bd45e57

1d31ba6446658100c28909bb9e0c01d3
79ba3faeb0f6400aa88d047aee3eacf7
7c810cbb47c9f937b5f663b51ab7ee50
96f7c9d231bc5835e4a7c07bc94c5b4a

Trojan.Mdropper
a453e4c02cd88d4d366cf727f5c3c2bb
fa11f5939f69e8566a0136766122f89f
5819f879a2e411752124e2d08b3c57d9
97952865ff490e6527a1fc4276946f9a
21c0c353f9b0a8fe56645b50d7e0ef92
7b3208b1dc28b2d5f7641aa212e6aabf
e85c96bec3963ebf773bb5f9a185cf5c
eba37370d9366d71863a77a04031de62
78c3d73e2e2bba6d8811c5dc39edd600
Thank for your help :)

Re: Malware Requests, part 2

 #14999  by Xylitol
 Fri Aug 03, 2012 10:27 am
Flamef wrote:I am looking for :
It's a Win32/Dofoil variant,Ransomware.
MD5:47F2B8FCC2873F4DFD573B0E8A77AAA9
Can you attach the UNPACKED version,as i have no idea how to unpack custom packed viruses?
Thanks in advance.
infected
(40.23 KiB) Downloaded 55 times
(not unpack)
mfox wrote:Looking for these samples:
https://www.virustotal.com/file/90c373c ... /analysis/
https://www.virustotal.com/file/ddeef41 ... /analysis/
https://www.virustotal.com/file/ad94f21 ... /analysis/

Thanks.
infected
(243.87 KiB) Downloaded 61 times
hnpl2011 wrote:I'm looking for:
Downloader.Dromedan
9c634f3a23f107b3419869dd0fd304d4
c2618a002853e9266a4a3a1f9e7cd957
68ba056383902942adadf1b80bd45e57

1d31ba6446658100c28909bb9e0c01d3
79ba3faeb0f6400aa88d047aee3eacf7
7c810cbb47c9f937b5f663b51ab7ee50
96f7c9d231bc5835e4a7c07bc94c5b4a

Trojan.Mdropper
a453e4c02cd88d4d366cf727f5c3c2bb
fa11f5939f69e8566a0136766122f89f
5819f879a2e411752124e2d08b3c57d9
97952865ff490e6527a1fc4276946f9a
21c0c353f9b0a8fe56645b50d7e0ef92
7b3208b1dc28b2d5f7641aa212e6aabf
e85c96bec3963ebf773bb5f9a185cf5c
eba37370d9366d71863a77a04031de62
78c3d73e2e2bba6d8811c5dc39edd600
Thank for your help :)
infected
(693.41 KiB) Downloaded 76 times
can't find 5819f879a2e411752124e2d08b3c57d9 and 1c0c353f9b0a8fe56645b50d7e0ef92 is invalid hash.
 Topic locked
  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 15
 Return to “Completed Malware Requests”