14x Live Security Platinum
Attachments
Password: infected
(334.85 KiB) Downloaded 46 times
(334.85 KiB) Downloaded 46 times
Windows Interactive Security (FakeVimes)
MD5: C620A4BF5F569AC979ECB0F20AD1EA75
A forum for reverse engineering, OS internals and malware analysis
Attachments
Password: infected
(1.72 MiB) Downloaded 142 times
(1.72 MiB) Downloaded 142 times
Windows Web Commander (FakeVimes)
MD5: DD1DB077ADEC6AE6DE3C9639EFC03B7E
MD5: DD1DB077ADEC6AE6DE3C9639EFC03B7E
Attachments
(1.72 MiB) Downloaded 74 times
Windows Web Commander and Interactive Security samples are not working. Running these samples does nothing.....
fixrogues wrote:Windows Web Commander and Interactive Security samples are not working. Running these samples does nothing.....Working fine for me... Successfully infected (VMWare Windows XP SP3)...
fixrogues wrote:Windows Web Commander and Interactive Security samples are not working. Running these samples does nothing.....Works fine also for me
Windows Virus Hunter (FakeVimes)
Windows_Virus_Hunter.png (65.26 KiB) Viewed 379 times
MD5: 5C8598C5F6F0A6FC01E5536385A17127
https://www.virustotal.com/file/d6702f8 ... /analysis/
https://www.virustotal.com/file/d6702f8 ... /analysis/
Attachments
Password: infected
(1.7 MiB) Downloaded 53 times
(1.7 MiB) Downloaded 53 times
7x Live Security Platinum
Attachments
Password: infected
(2.22 MiB) Downloaded 44 times
(2.22 MiB) Downloaded 44 times
Windows Virus Hunter
TCP Stream:
Code: Select all
hxxp://www.ekaterina-land.ru/news.php?farm210.png
hxxp://download.debuggerutilityproofness.pl/f91c93e55e5ba6b1/210/setup.exe
• dns: 1 ›› ip: 176.57.216.89 - adresse: EKATERINA-LAND.RU
• dns: 1 ›› ip: 96.44.181.173 - adresse: DEBUGGERUTILITYPROOFNESS.PL
TCP Stream:
Code: Select all
https://www.virustotal.com/file/fb5e438 ... /analysis/• dns: 1 ›› ip: 77.79.10.12 - adresse: GALAINT.STATISTICYESINFO.INFO
GET /?0=119&1=210&2=1&3=110&4=i&5=2600&6=5&7=1&8=62900.5512&9=1036&10=-60&11=1111&12=lvpotbjkkk&14=0 HTTP/1.1
Host: galaint.statisticyesinfo.info
HTTP/1.1 200 OK
---
• dns: 1 ›› ip: 77.79.10.15 - adresse: F91C93E55E5BA6B1.SECUREINFOPAY.INFO
POST / HTTP/1.1
Referer: http://f91c93e55e5ba6b1.secureinfopay.info/
Host: f91c93e55e5ba6b1.secureinfopay.info
Cookie: ct=2012:7:4:20:38; ch=3e790d016a1b0eb3a64c948d432cd500
cardholderName=Huge+faggot&email=123@456.789&cardNumber=4862987174953577&expirationMonth=5&expirationYear=2016&cvv=475&phone=1-785-952-74-32&address=75+winlock&country=FRA&state=Outside+USA&city=gotham+city&zip=31337&productOptionId=3&suboption0=on&action=form&partnerId=119&projectId=110&subId=210&reason=errorflashHTTP/1.1 200 OK
---
GET /process/?id=269828 HTTP/1.1
Host: f91c93e55e5ba6b1.secureinfopay.info
HTTP/1.1 200 OK
---
GET /decline/?id=269828 HTTP/1.1
Host: f91c93e55e5ba6b1.secureinfopay.info
HTTP/1.1 200 OKAttachments
infected
(1.7 MiB) Downloaded 58 times
(1.7 MiB) Downloaded 58 times
Windows Virus Hunter (FakeVimes)
MD5: 4BA4D80E4064270F627E0D643D57A8BA
https://www.virustotal.com/file/02016ef ... /analysis/
MD5: 4BA4D80E4064270F627E0D643D57A8BA
https://www.virustotal.com/file/02016ef ... /analysis/
Attachments
Password: infected
(1.7 MiB) Downloaded 50 times
(1.7 MiB) Downloaded 50 times