A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #14789  by Xylitol
 Sat Jul 21, 2012 8:11 am
ReviewsAntivirus wrote:I'm looking for:

Trojan.Sisproc
d32a8990d51c0875f6e21a70a9950c8c
590b4192c312703251c36266d8700134
29a34d9f4933d071c4eeb5d2b26edd64
infected
(1.21 MiB) Downloaded 57 times
rough_spear wrote:Hi All,
I'm looking for the following samples.


http://www.f-secure.com/weblog/archives/00002402.html

Regards,


rough_spear.
infected
(559.08 KiB) Downloaded 56 times
_69 wrote:Hello. I am looking for this file: https://www.virustotal.com/file/ecc272f ... /analysis/. Its hash is in the report. Thanks
infected
(1.41 MiB) Downloaded 67 times
 #14842  by _69
 Mon Jul 23, 2012 5:02 pm
I'm looking for f8c6c05da9b4aec2883d802c4eb04e54 and abfce521257ee777e1e845777fed9231
 #14843  by Xylitol
 Mon Jul 23, 2012 5:20 pm
tomatto007 wrote:I'm looking for:
md5: 14EF8EA2211A3D9A1CC11B7BBAC1848E
_69 wrote:I'm looking for f8c6c05da9b4aec2883d802c4eb04e54 and abfce521257ee777e1e845777fed9231
infected
(115.29 KiB) Downloaded 52 times
Last edited by Xylitol on Mon Jul 23, 2012 7:08 pm, edited 1 time in total.
 #14860  by frame4-mdpro
 Tue Jul 24, 2012 9:16 pm
Looking for sample(s) of OSX/Crisis and any dropped files (as I don't own a Mac) -- no MD5 at this point unfortunately.
...This threat is a dropper which creates a backdoor when it’s run. It installs silently, without requiring a password, and works only in OSX versions 10.6 and 10.7 – Snow Leopard and Lion.
http://www.intego.com/mac-security-blog ... irus-team/

Thanks
 #14865  by N3mes1s
 Wed Jul 25, 2012 10:08 am
frame4-mdpro wrote:Looking for sample(s) of OSX/Crisis and any dropped files (as I don't own a Mac) -- no MD5 at this point unfortunately.
...This threat is a dropper which creates a backdoor when it’s run. It installs silently, without requiring a password, and works only in OSX versions 10.6 and 10.7 – Snow Leopard and Lion.
http://www.intego.com/mac-security-blog ... irus-team/

Thanks
It seems to be:
https://www.virustotal.com/file/53cd1d6 ... /analysis/

http://macviruscom.wordpress.com/2012/0 ... detection/

md5:
acec5f00057d3ec94849511f3eddcb91
6f055150861d8d6e145e9aca65f92822
faab883598c8c379acfd0b9dccc93d0c

https://www.virustotal.com/file/62eef94 ... /analysis/
https://www.virustotal.com/file/10fa7fa ... /analysis/
https://www.virustotal.com/file/df586e7 ... /analysis/
 #14871  by Waves97
 Wed Jul 25, 2012 8:28 pm
I'm searching for a sample of the new Iran virus that played AC/DC's music ;)
In Polish:
http://www.chip.pl/news/bezpieczenstwo/luki-bezpieczenstwa/2012/07/iran-zaatakowany-przez-ac-dc
 #14878  by Xylitol
 Thu Jul 26, 2012 4:58 pm
frame4-mdpro wrote:Looking for Worm:Win32/VB.CB, which is in fact contained in an iOS app called Instaquotes:

http://nakedsecurity.sophos.com/2012/07 ... -say-what/

I don't have the MD5 but the app name is "Instaquotes 1.0.ipa"

Thanks!
infected
(196.71 KiB) Downloaded 70 times
_69 wrote:Does anyone have this? md5: fbc1f2290deaefa511a1482046f565f3
infected
(2.43 KiB) Downloaded 55 times