A forum for reverse engineering, OS internals and malware analysis 

 #20255  by kareldjag/michk
 Sun Jul 28, 2013 6:44 pm
Attachments
frutas.jpg (71.6 KiB)
Password for all archives is kernelmode.info (3.25 MiB)
 #20361  by kareldjag/michk
 Sat Aug 03, 2013 12:53 pm
Hi
Looking for the study of Nicolas Brulez about the HackingTeam Davinci RAT
http://recon.cx/2013/schedule/events/11.html
Even if there is already some Gogol (another Nicola) literature about it
http://www.securelist.com/en/analysis/2 ... ackingTeam
http://www.wired.com/threatlevel/2013/0 ... vernments/
Now known from most labs https://www.virustotal.com/en/file/e0be ... /analysis/
Some more underground teams sell a full pack, with the RAT (pro coding), the crypter and the Java applet as a cross-platform infection vector... er, for about 3000 dollars!
As previously said, big RAT collection, but did not find the way and time to share it here.
Then I attach a text file which links to a cloud (DropBox) repo of a Vietnam team, where I have taken some files (as we say in France, there is for drinking and eating... this means VB6, Java, Delphi, script kiddy to professional, recent to outdated etc.).
Plus 3 interesting RATs (usual password).
I forgot the Shino bot/RAT project from the last BlackHat (test in a protected host and network, or with Tor or a VPN :) ) http://shinoc2.shinosec.cloudns.org/shinoc2/

rgds
Attachments
Need also Java (4.54 MiB)
Use AndroRat project (2.1 MiB)
It is time for some AV editors to update seriously their databases... (910 Bytes)
 #22529  by kareldjag/michk
 Sun Mar 23, 2014 5:17 pm
Hi
In the same way, Adzok Java RAT in its free version 1.0.0.3
https://www.virustotal.com/en/file/a8ba ... 395594197/
Attachments
keylog.jpg (27.13 KiB)
paid.jpg (38.19 KiB)
Password is kernelmode.info (472.16 KiB)