Attachments
(41.95 KiB) Downloaded 88 times
A forum for reverse engineering, OS internals and malware analysis
markusg wrote:http://www.virustotal.com/file-scan/report.html?id=d4b703bc3259272c11b3001ec56cd1a5f6c8534e60ad27695fe02d0949a56ae0-1317832653Trojan downloader Phokace with AntiVM.
ICQ Conversations - MiniUserProfileDlg Internet Explorer_Server %s %s DEU AUT LUX LIE CHE wie findest du das foto? hab ich dir das foto schon gezeigt? das foto solltest du wirklich sehen schau mal das foto an unglaublich welche fotos leute von sich machen schau mal so will ich nicht aussehen wenn ich alt bin schau mal welches foto ich gefunden hab bist du das auf dem foto? kennst du das foto schon? FRA je ne pense pas que je vais pouvoir dormir aprиs avoir vu ces photos. je n'arrive pas a croire que j'ai encore cette photo de toi depuis l'hiver dernier. devrais-je mettre cette photo de profile? c'est la photo la plus marrante! dis moi ce que tu pense de cette photo de moi? mes parents vont me tuйs si ils trouvent cette photo. NLD BEL ken je dat foto nog? kijk wat voor een foto ik heb gevonden zo iets leilijk heb ik nog nooit in mijn leven gezien ik hoop dat jij het net bent op dit foto ben jij dat op dit foto? dit foto zal je echt eens bekijken! ken je dit foto al? ITA ti piace la foto? hai visto questa foto? la foto e grandiosa! ti ricordi la Foto? dopo che hai visto la foto, tu non dormirai piu conosci la persona in questa foto? chi e in questa foto? NOR se pе dette bildet DNK ser pе dette billede FIN katso tдtд kuvaa SWE titta pе denna bild tell me what you think of this picture i edited this is the funniest photo ever! tell me what you think of this photo i don't think i will ever sleep again after seeing this photo i cant believe i still have this picture should i make this my default picture?posts moved
http://www.shufflet.com//images/images.php?image=IMG0485497269.JPG
http://www.shufflet.com//images/ok.exe
Waves97 wrote:Next Zbot - I think.Phorpiex.B which downloads Phorpiex.P (hxxp://www.nuvocuisine.com/images.php?image=IMG0540255.JPG) which downloads Phorpiex.M (hxxp://nuvocuisine.com/nnn.exe)
HTTP/1.1 200 OK
Date: Mon, 11 Mar 2013 10:49:16 GMT
Server: Apache
Content-disposition: attachment; filename=IMG0540230-JPG.scr
Connection: close
Transfer-Encoding: chunked
Content-Type: application/octet-stream
MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
MachineType..............: Intel 386 or later, and compatibles
TimeStamp................: 2013:03:10 21:02:35+01:00
FileType.................: Win32 EXE
PEType...................: PE32
CodeSize.................: 23040
LinkerVersion............: 9.0
EntryPoint...............: 0x6696
InitializedDataSize......: 10752
SubsystemVersion.........: 5.0
ImageVersion.............: 0.0
OSVersion................: 5.0
UninitializedDataSize....: 0