A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #19560  by dumb110
 Thu Jun 06, 2013 8:13 am
29a420e52b56bfadf9f0701318524bef
6eb5932b0ed20f11f1a887bcfbdde10f
b600089a93275fa93558695b707b87ad
917e36946c67414a988f6878d9d0cdfe
36ed86602661bb3a7a55e69fde90ee73
059a7482efee3b2abf67c12d210cb2f7
151e5d1bb8142835633cfd398e2e0ca3
63494c74db9bfc2bba3983698c952de9
f4f14d4a1e34f62eeb9a90b5c8b2cfc1
e5954b8204eb321d20bed4a86b3cef34
0e2b10015fe52b7ea77a213f0c330557

http://www.securelist.com/en/downloads/ ... -final.pdf
 #19562  by Squirl
 Thu Jun 06, 2013 8:53 am
151e5d1bb8142835633cfd398e2e0ca3 attached
Attachments
pass:infected
(72.19 KiB) Downloaded 96 times
 #22154  by NoSense
 Sat Feb 08, 2014 12:31 am
Hi community,
I've lurked a lot in this forum and I've been able to contribute only a few times, sorry for that..

This is my first sample request and is a request about a sample that have been already requested in late june 2013 and got a sample, unfortunately only one of them.
Here is the old thread: http://www.kernelmode.info/forum/viewto ... ler#p19562
29a420e52b56bfadf9f0701318524bef
6eb5932b0ed20f11f1a887bcfbdde10f
b600089a93275fa93558695b707b87ad
917e36946c67414a988f6878d9d0cdfe
36ed86602661bb3a7a55e69fde90ee73
059a7482efee3b2abf67c12d210cb2f7
151e5d1bb8142835633cfd398e2e0ca3
63494c74db9bfc2bba3983698c952de9
f4f14d4a1e34f62eeb9a90b5c8b2cfc1
e5954b8204eb321d20bed4a86b3cef34
0e2b10015fe52b7ea77a213f0c330557

http://www.securelist.com/en/downloads/ ... -final.pdf
Also I'm wondering if someone has the sample of the new one:
http://www.kaspersky.com/about/news/vir ... new_tricks

TAGS (to make it easy for future lurkers to find this topic): NetTraveler, Net-Traveler, TravNet.
 #22204  by NoSense
 Thu Feb 13, 2014 3:06 pm
new hashes:
fc3162106c51a49edbc306d6d7b3a630
247e7ec7fab0c1c384d6845ffd6d3d76
1ea1daf6afdfbb5486ff148f6766467a
eefad41c8375ec69db3404b9824aa66b
553d9bd73a784b11aa513d5d8a53ba5f
ab4405117858872c895e04db08660b65
367243ab8c37bc1fc5ad1e53a401ddc8
73808b0627eb6983908235bca9ac3d5b
2086ac5333af04f0ced15ac32378f01d

source:
http://cryptam.com/docsearch.php?sha256 ... df9658dcf7