Re: Trojan:Win32/Urausy (aka "WinLocker") #16729 by Win32:Virut Tue Nov 20, 2012 2:50 pm Another Urausy Attachments Urausy.7z Password is "infected" without quotes. (62.15 KiB) Downloaded 89 times Username Win32:Virut Posts 324 Joined Sat Jun 02, 2012 2:22 pm
Re: Trojan:Win32/Urausy (aka "WinLocker") #17172 by Win32:Virut Fri Dec 14, 2012 12:02 pm One more Urausy https://www.virustotal.com/file/5653c94 ... 355486180/ Attachments 7cb4a973.dat.7z Password: infected (46.19 KiB) Downloaded 82 times Username Win32:Virut Posts 324 Joined Sat Jun 02, 2012 2:22 pm
Re: Trojan:Win32/Urausy (aka "WinLocker") #17201 by Win32:Virut Sat Dec 15, 2012 3:51 pm Another Urausy MD5: aa075b853f4508487f165c74e18f81ad SHA1: 2823cc9457986c1f23f96128c2a31c95b80fa0fd SHA256: 69374c5613e88d452256122f24a5cecdc34cc1685f92c52b9a24dabe8bd5563b https://www.virustotal.com/file/69374c5 ... 355586636/ Attachments 3cca647b.dat.7z Password: infected (46.64 KiB) Downloaded 94 times Username Win32:Virut Posts 324 Joined Sat Jun 02, 2012 2:22 pm
Re: Trojan:Win32/Urausy (aka "WinLocker") #17806 by Horgh Tue Jan 22, 2013 1:12 pm Trojan:Win32/Urausy.C Fresh sample. SHA256: 4fb7d39698a71d917d8526d6f71f344a82469893bc3881a2775105b9cee5d4e6 SHA1: ade2cabd7c85fc188d2f6566d4418a25395791ab MD5: 4eb81bd438433786d0df86d3856f68c9 https://www.virustotal.com/file/4fb7d39 ... 358857017/ Landing page : http://i.imgur.com/0koFoP1.png In attach : sample, stage2 of packer, unpacked binary. Attachments Urausy.7z Password : infected (63.79 KiB) Downloaded 103 times Username Horgh Posts 37 Joined Fri Dec 07, 2012 9:48 am Location France
Re: Trojan:Win32/Urausy (aka "WinLocker") #18079 by nullptr Thu Feb 07, 2013 10:49 am Urausy.C samples from past few days. SHA-1: CEEC9581EC988983D986D9B72A3B3C3EF72D63A4 5DB9D352630D1CE5853DE8ADD5464876F92075FD 391F239E6886C2DB5D7F5723B42F29BC6D579734 FF9E224A1463A08B955F2C6464AF5D9D2A36F0F9 Attachments Urausy_inf.zip pwd: infected (326.74 KiB) Downloaded 95 times Username nullptr Posts 209 Joined Sun Mar 14, 2010 6:35 am
Re: Trojan:Win32/Urausy (aka "WinLocker") #18189 by secObs Wed Feb 13, 2013 2:03 pm Urausy with new template. Detection 3/45 https://www.virustotal.com/file/9a5501a ... /analysis/ md5: a1cabc87f8c123970190cd7ae4d2d9b5 sha-1: 8d97b4fb84257554bbedb118556b0aeae47136ef Attachments FlashPlayer_11_5_update_for_Win.rar pass: malware (102.52 KiB) Downloaded 86 times Username secObs Posts 25 Joined Sun Mar 04, 2012 10:53 pm Location here, there and everywhere Contact
ransomware? #18298 by kmd Fri Feb 22, 2013 5:48 am pass virus https://www.virustotal.com/en/file/91e6 ... 361511960/ Attachments amateur_dog_sex_01.avi.zip (61.91 KiB) Downloaded 84 times Username kmd Posts 271 Joined Mon Mar 15, 2010 4:09 am Location Russian Federation
Re: ransomware? #18299 by EP_X0FF Fri Feb 22, 2013 6:13 am Urausy. Posts moved. Ring0 - the source of inspiration Username EP_X0FF Rank Global Moderator Posts 4947 Joined Sun Mar 07, 2010 5:35 am Location Russian Federation Contact
Re: Trojan:Win32/Urausy (aka "WinLocker") #18324 by Kafeine Sun Feb 24, 2013 7:11 pm Here is an Urausy Variant that we named : Uremtoo https://www.botnets.fr/index.php/Uremtoo (to see landings - Seems only 3 countries right now but looks like they are working on adding more) Note : As for Urausy if your country is not targeted the http call to mothership will be content-lengh : 22 and your computer won't be locked. Attachments Uremtoo_2samples_UrausyVariant.zip Pass: infected - 2 samples of Uremtoo (166.43 KiB) Downloaded 98 times Username Kafeine Posts 105 Joined Thu Jul 28, 2011 1:19 pm
Re: Trojan:Win32/Urausy (aka "WinLocker") #18411 by R00tKit Mon Mar 04, 2013 11:16 am good "Urausy" Analysis http://angelkillah.blogspot.com/2013/02 ... lysis.html @R00tkitSMM Username R00tKit Posts 129 Joined Tue Nov 16, 2010 8:23 pm Contact