Win32/Emotet - Banking trojan - Page 3

Re: Win32/Emotet - Banking trojan

#30999 by sysopfb
Thu Nov 16, 2017 1:09 am

Magical builtin hijack.

Attached is a sample from 19sep with the anti layer in the crypter they are referring to.

Attachments

emotet_19sepcampagin.zip

pw: infected
(127.78 KiB) Downloaded 46 times

Username

sysopfb

Posts

97

Joined

Thu Oct 23, 2014 1:22 am

Contact

Re: Malware collection

#31000 by ikolor
Thu Nov 16, 2017 3:19 pm

hi

https://www.virustotal.com/#/file/c7484 ... /detection

Attachments

New invoice # 9653654467.rar

(90.73 KiB) Downloaded 41 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#31001 by Antelox
Thu Nov 16, 2017 3:41 pm

ikolor wrote:hi

https://www.virustotal.com/#/file/c7484 ... /detection

This is Geodo/Emotet doc downloader.

It downloads this: https://www.virustotal.com/en/file/0775 ... /analysis/

BR,

Antelox

@Antelox

Username

Antelox

Posts

298

Joined

Sun Mar 21, 2010 10:38 pm

Contact

Re: Malware collection

#31075 by ikolor
Tue Nov 28, 2017 7:28 pm

next

https://www.virustotal.com/#/file/04ec0 ... /community

Attachments

Invoice #938931451462.rar

(87.57 KiB) Downloaded 43 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#31081 by Antelox
Wed Nov 29, 2017 8:03 am

ikolor wrote:next

https://www.virustotal.com/#/file/04ec0 ... /community

Geodo/Emotet doc downloader.

Downloads this: https://www.virustotal.com/en/file/b4e2 ... /analysis/

BR,

Antelox

@Antelox

Username

Antelox

Posts

298

Joined

Sun Mar 21, 2010 10:38 pm

Contact

Re: Malware collection

#31281 by ikolor
Wed Feb 21, 2018 10:06 am

thanks

https://www.virustotal.com/#/file-analy ... IwNzU0MA==

Attachments

Important Please Read.rar

(90.13 KiB) Downloaded 29 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#31282 by Antelox
Wed Feb 21, 2018 10:33 am

ikolor wrote:thanks

https://www.virustotal.com/#/file-analy ... IwNzU0MA==

Geodo/Emotet doc downloader.

BR,

Antelox

@Antelox

Username

Antelox

Posts

298

Joined

Sun Mar 21, 2010 10:38 pm

Contact

Re: Malware collection

#31283 by ikolor
Wed Feb 21, 2018 4:41 pm

thanks the same shit

https://www.virustotal.com/#/file/dfd70 ... /detection

Attachments

Ds.rar

(300.7 KiB) Downloaded 33 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#31285 by Antelox
Thu Feb 22, 2018 8:13 am

ikolor wrote:thanks the same shit

https://www.virustotal.com/#/file/dfd70 ... /detection

Geodo/Emotet doc downloader.
Download this: https://www.virustotal.com/en/file/a267 ... /analysis/

BR,

Antelox

@Antelox

Username

Antelox

Posts

298

Joined

Sun Mar 21, 2010 10:38 pm

Contact

Re: Malware collection

#31290 by tomatto007
Fri Feb 23, 2018 6:06 am

Antelox wrote:
ikolor wrote:thanks the same shit

https://www.virustotal.com/#/file/dfd70 ... /detection
Geodo/Emotet doc downloader.
Download this: https://www.virustotal.com/en/file/a267 ... /analysis/

BR,

Antelox

FILES ADDED:
%LOCAL APPDATA%\MICROSOFT\WINDOWS\ISONET.EXE

VALUES ADDED:
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ISONET: "%LOCAL APPDATA%\MICROSOFT\WINDOWS\ISONET.EXE"

Username

tomatto007

Posts

24

Joined

Fri Mar 19, 2010 8:16 pm