Remote Access Trojan RAT svchost.exe 163.172.160.227.4443 PCAP file download traffic sample

Attachment: vclean. Date added: January 26, 2018 5:47 am. Added by: admin. File size: 10 KB. Downloads: 11.
46 engines detected this file. SHA-256: 8a100d3324a2c579fcc56203d9f14e0d6e3448b3ed65769136c8dc21376ef0e5. File name: vujpdi0f2gg.exe. File size: 135.5 KB. Last analysis: 2018-01-25 16:06:53 UTC. Community score: -192.
Behaviour tags: Remote Access (contains a remote desktop related string; tries to identify its external IP address; uses network protocols on unusual ports); Persistence (injects into explorer; modifies auto-execute functionality) …

Dridex Cridex Malware Banking Trojan PCAP file download traffic sample 144.76.246.246.443 fbl.com.sg/JHG76w23

Attachment: jhg. Date added: January 26, 2018 5:40 am. Added by: admin. File size: 49 KB. Downloads: 7.
32 engines detected this file. SHA-256: bad8a41d33fe0e4cce27f41005e498c0ac26eef9f59099ad2d538bc429e4d289. File name: JHG76w23. File size: 140 KB. Last analysis: 2018-01-26 03:17:24 UTC. Community score: -105.
Detections: Ikarus: Trojan.Kryptik; Kaspersky: Backdoor.Win32.Dridex.sr; Malwarebytes: Trojan.Dridex; MAX: malware (ai score=97); McAfee: RDN/Generic.hbg; McAfee-GW-Edition: BehavesLike.Win32.PUPXAX.ch; Palo Alto Networks: generic.ml; Rising: Malware.XPACK-LNR/Heur!1.5594 (CLASSIC); SentinelOne: …

TOR Malware Botnet red.php PCAP file download traffic sample

Attachment: torbotnet. Date added: January 26, 2018 5:50 am. Added by: admin. File size: 755 KB. Downloads: 12.
10 engines detected this file. SHA-256: 9b606e8e8e7ada9da2afdd3cea20d777f84da9f8b148a58385890e44743f733d. File name: red.php. File size: 488 KB. Last analysis: 2018-01-25 22:27:42 UTC.
Capture excerpt: 2018-01-25 22:23:49.279103 IP 192.168.1.102.52977 > 62.149.140.171.80: Flags [P.], seq 0:154, ack 1, win 256, length 154: HTTP: GET /agenti/red.php HTTP/1.1
Request headers: GET /agenti/red.php HTTP/1.1; User-Agent: Wget/1.19.4 (mingw32); Accept: …

Androm Trojan Downloader Loads Zusy Emotet Banking Trojan Malware PCAP file download traffic sample az.exe 11.exe

50 engines detected this file. SHA-256: 5831264367b6ee1636606b2d9f46111cb7ab4b3b007e49e2f921df5f7d484f06. File name: output.112714662.txt. File size: 128 KB. Last analysis: 2018-01-24 18:48:00 UTC. Community score: -1. Detections: VBA32: Backdoor.Androm; VIPRE: Trojan.Win32.Generic!BT; ViRobot: Trojan.Win32.Agent.131072.EN; Webroot: W32.Trojan.Emotet.
37 engines detected this file. SHA-256: b134507e22448a801b8a6d1fa6bc32a7d4b389afb15ec721b83e24bdde2e61e1. File name: az.exe. File size: 409.5 KB. Last analysis: 2018-01-22 06:22:47 UTC. Detections: Endgame: malicious (high confidence); eScan: Gen:Variant.Zusy.272363 …

Adware loading Malware for Monetization? System Healer Social Engineers DNSChanger/Dynamer 185.17.184.11

Typically, malware is installed through exploit kits, spam e-mails, GIFs laced with executables, torrents and so on. That being said, there is a fairly commonly downloaded software package known as "System Healer" circulating on the interwebs which claims to speed up and optimize your PC. Are Sethealer.net/iSystemHealer.com/MagicPro.org serving up …