A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #15540  by Win32:Virut
 Thu Sep 06, 2012 1:07 pm
Trojan.Ransom - Epubb

VirusTotal:
Code: Select all
https://www.virustotal.com/file/496c6432ca3508104e6314093e087e313945b5d4262f3f06b84cd96ac3e9e0f9/analysis/
ThreatExpert:
Code: Select all
http://www.threatexpert.com/report.aspx?md5=245d4c1c2024cd16dc8c62927f81b7b8
Attachments
Password is "infected" without quotes
(272.07 KiB) Downloaded 78 times
 #15615  by Win32:Virut
 Sun Sep 16, 2012 4:16 pm
HOW TO DECRYPT FILES

Image

File size: 29184 bytes
File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5: 92b2c03f09a07b6c12233c4c2132c710
SHA1: 20cba04751a7d1211c8dd07cd8ffb7d1c1737ff9
SHA256: c0603fcd04d8e2fe78559a1fc07d0d8e569c08225ecb864850edd9511b11a439
SHA512: d2da96165e89cf636577d534daf8ae455806a370bd09994890fa31d45b7c668a5a1e077f4823b8fc302afa77ec54ce18fafb7ffb5ee885f9285c464b26961dce
CRC32: 4CB559AE
Ssdeep: 384:IXoCyA9viXYGVC9EC+4q8KNNFNu3i7oZPz+SkOATjfnPD8Z0/dbpa:I2Ak3VCOsVWjI7+SdA3IOpa
Malwr: http://malwr.com/analysis/92b2c03f09a07 ... c2132c710/
VirusTotal: https://www.virustotal.com/file/c0603fc ... /analysis/
Attachments
Password is "infected" without quotes
(106.6 KiB) Downloaded 64 times
  • 1
  • 8
  • 9
  • 10
  • 11
  • 12
  • 14