sugipula wrote:I need a gun
here take it for free
A forum for reverse engineering, OS internals and malware analysis
here take it for free
Ring0 - the source of inspiration
And it was a question or a statement? =))
from infected machine.
873D3F8A93A.exe
MD5 : 853c7d138afcfa4ae7349cb9c2b22960
https://www.virustotal.com/file-scan/re ... 1318956636
873D3F8A93A.exe
MD5 : 853c7d138afcfa4ae7349cb9c2b22960
https://www.virustotal.com/file-scan/re ... 1318956636
Attachments
(304.5 KiB) Downloaded 61 times
that gun was good.i found one.
sample and unpacked bin.
sample and unpacked bin.
Attachments
markusg wrote:from infected machine.SpyEye v1.3.48 (ver=10348)
873D3F8A93A.exe
MD5 : 853c7d138afcfa4ae7349cb9c2b22960
https://www.virustotal.com/file-scan/re ... 1318956636
Pass for decrypted config: FCA737CDF22135424EACBC5EEA2D5B3B
Gate:
hxxp://minimart20.com/forum.php;90Unpacked dropper + decrypted configs in attach.
Attachments
pass: malware
(285.02 KiB) Downloaded 75 times
(285.02 KiB) Downloaded 75 times
Ring0 - the source of inspiration
SpyEye v1.2.99 (ver=10299)
Pass for decrypted config: D655F000B8CAC927EB6CCE2D5C746D11
Gate:
All data in attach.
Pass for decrypted config: D655F000B8CAC927EB6CCE2D5C746D11
Gate:
hxxp://majmun.su/kurac/gate.php1.6 Mb of webinjects
All data in attach.
Attachments
pass: malware
(1.04 MiB) Downloaded 94 times
(1.04 MiB) Downloaded 94 times
Ring0 - the source of inspiration
Ring0 - the source of inspiration
217FA9665CD.exe
MD5 : 957affee553d7d1c1038abbe95072237
http://www.virustotal.com/file-scan/rep ... 1319122277
MD5 : 957affee553d7d1c1038abbe95072237
http://www.virustotal.com/file-scan/rep ... 1319122277
Attachments
(287.33 KiB) Downloaded 72 times
markusg wrote:217FA9665CD.exenot wok for me
MD5 : 957affee553d7d1c1038abbe95072237
http://www.virustotal.com/file-scan/rep ... 1319122277
