A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #19193  by EP_X0FF
 Sat May 04, 2013 11:23 am
rkhunter wrote:I fear to ask what happened with Gribodemon.
He was a really mediocre coder. For instance you can look on his numerous dumb spyeye coding problems at script-kiddie wasm.ru forum. From other side he was very lucky and very stubborn in achieving his goals. No matter where he is now it is not really important.
 #22069  by Xylitol
 Tue Jan 28, 2014 5:02 pm
Krebs: Feds to Charge Alleged SpyEye Trojan Author ~ http://krebsonsecurity.com/2014/01/feds ... an-author/
USDOJ: Cyber Criminal Pleads Guilty to Developing and Distributing Notorious Spyeye Malware ~ http://www.justice.gov/opa/pr/2014/Janu ... m-091.html
FBI: SpyEye Malware Mastermind Pleads Guilty ~ http://www.fbi.gov/news/stories/2014/ja ... ads-guilty
 #22076  by EP_X0FF
 Wed Jan 29, 2014 2:49 am
Hehe, here is another "view" on Gribodemon identity.

http://tvernews.ru/news/151033/
http://translate.google.com/translate?h ... F151033%2F
Dmitry said that Alexander was a supporter of transhumanism, dreamed of creating a superman, artificial intelligence, believed in the immortality of the digital.

- I am sure that for these purposes Alexander was going to spend the money, says Dmitry.
Yes sure, when he was under the drugs posting noob questions about splicing on 1337 wasm.ru/forum, the only thing he was thinking about was "immortality". Lol, such a idiots.

He was actually a typical average programmer and junkie.

Image

"In the end I obtained SeDebugPriv and injected in every process, except "System" (on Win7 there was BSOD while injection... dgaf how to analyze memory dumps...)"

Genious, yeah.
 #22170  by EP_X0FF
 Mon Feb 10, 2014 4:37 am
Marv3!ous wrote:saw many photo forum screen short post by EP_X0FF wondering what is the forum Gribodemon was there.?
It is hxxp://wasm.ru, in 2004-2009 some sort of Mecca for exUSSR malware writters. Currently there are only script-kiddies left.
 #22681  by Xylitol
 Sun Apr 13, 2014 1:08 pm
SpyEye
guid=5.1.2600!COMPUTER_1!04ED4118&ver=10348&ie=6.0.2900.5512&os=5.1.2600&ut=Admin&ccrc=16F7C0E1&md5=460506

https://www.virustotal.com/en/file/78e8 ... 397394155/ 8/51
Attachments
infected
(1.35 MiB) Downloaded 155 times
  • 1
  • 38
  • 39
  • 40
  • 41
  • 42