Attachments
(1020.96 KiB) Downloaded 68 times
next
https://www.virustotal.com/en/file/a4c3 ... 447597642/
A forum for reverse engineering, OS internals and malware analysis
Attachments
(61.74 KiB) Downloaded 63 times
Attachments
(61.74 KiB) Downloaded 64 times
Attachments
(60.33 KiB) Downloaded 85 times
Attachments
(1021.17 KiB) Downloaded 69 times
Attachments
(1020.57 KiB) Downloaded 61 times
Attachments
(62.86 KiB) Downloaded 63 times
Is there really a need to keep manually downloading and posting Kelihos binaries?
Maybe not .If you have different malware code please update and show as.This sample has different MD-5.
ikolor wrote:Maybe not .If you have different malware code please update and show as.This sample has different MD-5.That's the problem with hashes, they're only good for identifying an individual sample. Kelihos has many identical samples where all that's changed is the domain or internal name. Also they are regularly recrypting the samples to keep them FUD, so you'll find a million identical samples all with different hashes.