Channel: contagio malware exchange

Pony Loader dropped .bat file 3880eeb1c736d853eb13b44898b718ab strings

File: 13648031.bat
MD5: 3880eeb1c736d853eb13b44898b718ab
Size: 94
Ascii Strings:
   :ktk       del    %1 if  exist   %1   goto...

AlienSpy RAT strings db46adcfae462e7c475c171fbe66df82

File: unXX0JIhwW.txt
MD5: db46adcfae462e7c475c171fbe66df82
Size: 131178
Ascii...

AlienSpy classes strings (from MD5: ABE6EF71E44D2E145033800D0DCCEA57.jar)

File: Server.class
MD5: 3d9ffbe03567067ae0d68124b5b7b748
Size: 520
Ascii...

e783bdd20a976eaeaae1ff4624487420 strings Desktop.ini

File: Desktop.ini
MD5: e783bdd20a976eaeaae1ff4624487420
Size: 63
Ascii...

Alienspy timestamp file 29OVHAabdr.tmp 355fe2f7e5dde196d446d9043858f850 and...

1416188848781 << time in unix epoch format
File: 29OVHAabdr.tmp
MD5: 355fe2f7e5dde196d446d9043858f850
Size: 13
Ascii...

iWimMQLgpsT2624529381479181764.png Java Alienspy+pony loader strings

File: iWimMQLgpsT2624529381479181764.png
MD5: fab8de636d6f1ec93eeecaade8b9bc68
Size: 755017
Ascii...

Server.class 3d9ffbe03567067ae0d68124b5b7b748 from Alienspy rat

File: Server.class
MD5: 3d9ffbe03567067ae0d68124b5b7b748
Size: 520
Ascii...

test apt

Taidoor strings - APT

File: DW20.exe
MD5: 46ef9b0f1419e26f2f37d9d3495c499f
Size: 47104
Ascii Strings:
!This program cannot be run in DOS...

Surtr (Smoaler) strings - APT

File: DW20.dll
MD5: 8e187ae152c48099f715af442339c340
Size: 44032
Ascii Strings:
!This program cannot be run in DOS...

TBD 8202 strings - APT

File: DW20.dll
MD5: 064ae9b451f0503982842c9f41a58053
Size: 60416
Ascii Strings:
!This program cannot be run in DOS...

Surtr (Smoaler) Strings - APT

File: DW20.dll
MD5: 1325ec00149cd2dd9a2982769f1fa12a
Size: 39936
Ascii Strings:
!This program cannot be run in DOS...

PlugX dropper strings - APT

File: DW20.exe
MD5: 2ff2d518313475a612f095dd863c8aea
Size: 305709
Ascii Strings:
!This program cannot be run in DOS...

PlugX strings - APT

File: hkcmd.exe
MD5: 23f2c3dbdb65c898a11e7f4ddc598a10
Size: 173592
Ascii Strings:
!This program cannot be run in DOS...

Kelihos strings - CRIME

File: Kelihos_C94DC5C9BB7B99658C275B7337C64B33
MD5: c94dc5c9bb7b99658c275b7337c64b33
Size: 1220125
GET /index.htm HTTP/1.1
Host: 188.129.243.106
Content-Length: 164
User-Agent: Mozilla/5.0 (Windows NT 6.1;...

Dark Comet strings - APT

File: DarkKomet_DC98ABBA995771480AECF4769A88756E.exe_
MD5: dc98abba995771480aecf4769a88756e
Size: 656896
GET /a.php?id=c2ViYWxpQGxpYmVyby5pdA== HTTP/1.1
Host: [ip.address]
Ascii...

Tijcont strings - CRIME

File: Tijcont
MD5: 845b0945d5fe0e0aaa16234dc21484e0
Size: 475152
GET /3.txt HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0;...

Page / Elise / lStudio / stscout / Wumins strings - APT

File: msgsm.exe
MD5: aaf73666cbd750ed22b80ed836d2b1e4
Size: 68608
Ascii Strings:
GET /29af9cdc/page_12082223.html HTTP/1.1
Accept: */*
Cookie: XX=0; BX=0
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0;...

Vidgrab strings - APT

File: Vidgrab_660709324ACB88EF11F71782AF28A1F0_DW20_.exe__
MD5: 660709324acb88ef11f71782af28a1f0
Size: 118784
....3HTTP/1.1 301 Moved Permanently
Location:http://windowsupdate.microsoft.com/
Content-Type:...

Cryptolocker strings - CRIME

File: Cryptolocker_9cbb128e8211a7cd00729c159815cb1c_crypt_1_sell23-09.exe_
MD5: 9cbb128e8211a7cd00729c159815cb1c
Size: 743424
Ascii...

Brazilian Banker _ C__Internet_Banking.cpl - strings - CRIME

File: C__Internet_Banking.cpl
MD5: 563707b4edcc0bb0c88365a6702d4ba0
Size: 192000
Ascii Strings:
This program must be run under...

Chikdos.A - CRIME strings

File: Chikdos_10E7876FD639EA81767315CD178873C0_59870.exe_Win
MD5: 10e7876fd639ea81767315cd178873c0
Size: 579584
Ascii...

Linux Chikdos - CRIME strings

File: Chikdos_595094C92145C10860FFF3F85CBE6174_nodeJR_un_elf_linux
MD5: 595094c92145c10860fff3f85cbe6174
Size: 1480387
Ascii...

OiuFr7LcfXq1847924646026958055.vbs - AlienRAT dropped VBS

Note: Laura is the user name on the sandbox
File: OiuFr7LcfXq1847924646026958055.vbs
MD5: 9e1ede0dedadb7af34c0222ada2d58c9
Size: 1542
Ascii...

Pony Loader strings asdqw4727319084772952101234.exe...

File: asdqw4727319084772952101234.exe
MD5: b5e7cd42b45f8670adaf96bbca5ae2d0
Size: 792122
Ascii Strings:
!This program cannot be...
