Attachments
(93.41 KiB) Downloaded 36 times
ikolor wrote: ↑Tue Mar 20, 2018 7:55 pm next ..Geodo/Emotet doc downloader.
https://www.virustotal.com/#/file/55d87 ... /detection
BR,
Antelox
A forum for reverse engineering, OS internals and malware analysis
BR,
Antelox
Attachments
(73.13 KiB) Downloaded 25 times
ikolor wrote: ↑Wed Mar 28, 2018 4:26 pm ThanksGeodo/Emotet Loader.
https://www.virustotal.com/#/file/2b83f ... /detection
BR,
Antelox
ikolor wrote: ↑Wed Mar 28, 2018 4:26 pm ThanksVALUES ADDED:
https://www.virustotal.com/#/file/2b83f ... /detection
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\MONETKEYDEF: ""%LOCAL APPDATA%\MICROSOFT\WINDOWS\MONETKEYDEF.EXE""
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DECRYPTAPURCHASE: ""%LOCAL APPDATA%\MICROSOFT\WINDOWS\DECRYPTAPURCHASE.EXE""
FILES ADDED:
%LOCAL APPDATA%\MICROSOFT\WINDOWS\MONETKEYDEF.EXE
%LOCAL APPDATA%\MICROSOFT\WINDOWS\DECRYPTAPURCHASE.EXE
Attachments
(47.98 KiB) Downloaded 30 times
ikolor wrote: ↑Tue Jun 12, 2018 6:40 pm ThanksGeodo/Emotet doc downloader.
https://www.virustotal.com/en/file/076b ... 528828804/
Payload: https://www.virustotal.com/en/file/91d0 ... /analysis/
BR,
Antelox
Attachments
(161.13 KiB) Downloaded 25 times
ikolor wrote: ↑Tue Jun 26, 2018 4:50 pm nextGeodo/Emotet doc downloader.
https://www.virustotal.com/en/file/00af ... 530031751/
Payload: https://www.virustotal.com/en/file/c43e ... /analysis/
BR,
Antelox
Attachments
(172.57 KiB) Downloaded 24 times