A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #12388  by rough_spear
 Thu Mar 29, 2012 10:20 am
Hi All, :D
Here is Windows Software Saver.

File - setup.exe
weblink -
hxxp://centerscannerprocesses.info/bb61f9bcec711d56/6/
hxxp://durhampowerequipment.com/mailer/examples/av6.php

VT link - https://www.virustotal.com/file/945be94 ... /analysis/

File - Protector-mfhh.exe
VT link - https://www.virustotal.com/file/2c0f5ee ... /analysis/


Regards,

rough_spear. ;)
Attachments
password - malware.
 #12390  by rough_spear
 Thu Mar 29, 2012 10:41 am
Hi All, :D

Windows Managing System. :evil:

Files - setup.exe ---> dropper.
web link - hxxp://cleanavcenter.info/bb61f9bcec711d56/6/setup.exe
VT link - https://www.virustotal.com/file/942a388 ... 333016871/
MD5 - 7dffd5694a23451c9acd831f4e458b2b

File - Protector-xxxx.exe (xxxx= some random characters) ----> dropped.
VT link - https://www.virustotal.com/file/065424a ... 333017057/
MD5 - 37f5df628ae15d07f8d5a1198043acb3

Regards,

rough_spear. ;)
Attachments
password - malware.
 #12412  by EP_X0FF
 Fri Mar 30, 2012 2:18 pm
Rogue Winwebsec (alias Security Shield and other non-meaningful names). Comes from very lazy guys (firstly this pack was discovered about 1 year ago) that have outdated BH software and old malware packs along with fresh recrypted samples. 79 samples in multipart RAR archive, pass "infected" without quotes.

Typical current detection according to VT

9 / 42
 #12419  by EP_X0FF
 Sat Mar 31, 2012 3:29 am
Fresh with low detection ratio. Pass "infected" without quotes.

https://www.virustotal.com/file/23fc540 ... 333164424/