Attachments
(1020.96 KiB) Downloaded 69 times
A forum for reverse engineering, OS internals and malware analysis
ikolor wrote:Maybe not .If you have different malware code please update and show as.This sample has different MD-5.That's the problem with hashes, they're only good for identifying an individual sample. Kelihos has many identical samples where all that's changed is the domain or internal name. Also they are regularly recrypting the samples to keep them FUD, so you'll find a million identical samples all with different hashes.