A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #21334  by Xylitol
 Mon Nov 04, 2013 7:08 pm
A little birdy shared this bin with me; it seems interesting and comes from an affiliate (partnerka.me)
http://www.virusradar.com/en/Win32_Boax ... escription
Original (Nullsoft installer SFX shit):
https://www.virustotal.com/en/file/4de4 ... 383588563/ 9/47
Dumped:
https://www.virustotal.com/en/file/c44a ... 383588585/ (VB crap that loads a .dat) 4/47
https://www.virustotal.com/en/file/134c ... 383588544/ ('.dat' exe that loads a DLL) 2/46
https://www.virustotal.com/en/file/d330 ... 383588541/ (dll) 4/47
https://www.virustotal.com/en/file/2fb3 ... 383590259/ (final payload) 6/47
https://www.virustotal.com/en/file/81e5 ... 383593286/ (pcap)