
malwrecon.blogspot.com
Malware Reconstructor: Analysis of shellcode from Blackhole Exploit Kit. Shellcode analyze.
http://malwrecon.blogspot.com/
TODAY'S RATING
>1,000,000
HIGHEST TRAFFIC ON
Thursday
LOAD TIME
0.2 seconds
PAGES IN
THIS WEBSITE
5
SSL
EXTERNAL LINKS
21
SITE IP
216.58.216.193
LOAD TIME
0.172 sec
SCORE
6.2
Malware Reconstructor | malwrecon.blogspot.com Reviews
https://malwrecon.blogspot.com
Analysis of shellcode from Blackhole Exploit Kit. Shellcode analyze.
Malware Reconstructor: Analysis of Trojan-Downloader.Win32.Small.cgwk
http://www.malwrecon.blogspot.com/2012/04/trojan-downloaderwin32smallcgwk.html
What one has built, another can recreate. Tuesday, 10 April 2012. Analysis of Trojan-Downloader.Win32.Small.cgwk. Somewhere around mid-March I came across a sample on Malware Domain List. A trojan downloader. Well, let's investigate, I decided; at the time I caught it, 4 or 5 AVs detected it on VirusTotal, and by the end of March already 35/45 ( link. The downloader's code is diluted with polymorphic junk, which makes analysis somewhat harder. We have the following picture. OK, we have the following picture:. And this is already much nicer =). And, in fact, below ...
Malware Reconstructor: September 2011
http://www.malwrecon.blogspot.com/2011_09_01_archive.html
What one has built, another can recreate. Saturday, 17 September 2011. Part 2: SpyEye and plugin.dll. This plugin was surely developed under the slogan: "I won't do harm, but I'll foul things up" =) There's not much to look at here, but anyway. Signed int cdecl Start(). Unsigned int index; / edi@1. Const CHAR *fName; / esi@2. LPCSTR filesTable; / [sp 8h] [bp-18h]@1. Int v4; / [sp Ch] [bp-14h]@1. Int v5; / [sp 10h] [bp-10h]@1. Int v6; / [sp 14h] [bp-Ch]@1. Int v7; / [sp 18h] [bp-8h]@1. Int v8; / [sp 1Ch] [bp-4h]@1.
Malware Reconstructor: Part 2: SpyEye and plugin.dll
http://www.malwrecon.blogspot.com/2011/09/2-spyeye-plugindll.html
What one has built, another can recreate. Saturday, 17 September 2011. Part 2: SpyEye and plugin.dll. This plugin was surely developed under the slogan: "I won't do harm, but I'll foul things up" =) There's not much to look at here, but anyway. Signed int cdecl Start(). Unsigned int index; / edi@1. Const CHAR *fName; / esi@2. LPCSTR filesTable; / [sp 8h] [bp-18h]@1. Int v4; / [sp Ch] [bp-14h]@1. Int v5; / [sp 10h] [bp-10h]@1. Int v6; / [sp 14h] [bp-Ch]@1. Int v7; / [sp 18h] [bp-8h]@1. Int v8; / [sp 1Ch] [bp-4h]@1.
Malware Reconstructor: April 2012
http://www.malwrecon.blogspot.com/2012_04_01_archive.html
What one has built, another can recreate. Thursday, 19 April 2012. Analysis of shellcode from Blackhole Exploit Kit. Suppose we have the task of quickly seeing what will be loaded from Blackhole exploit kit, and from where. Of course, one could use one of the virtual machines, wireshark (stick your favorite sniffer in here), but that's not interesting =) That's the kind of pervert I am. =) Let's do a sort of manual analysis, or who the h. knows what, call it whatever you like. Our choice fell on rf3c73.ru/indexi.php? Write about this in the blog.
Malware Reconstructor: Analysis of shellcode from Blackhole Exploit Kit
http://www.malwrecon.blogspot.com/2012/04/blackhole-exploit-kit.html
What one has built, another can recreate. Thursday, 19 April 2012. Analysis of shellcode from Blackhole Exploit Kit. Suppose we have the task of quickly seeing what will be loaded from Blackhole exploit kit, and from where. Of course, one could use one of the virtual machines, wireshark (stick your favorite sniffer in here), but that's not interesting =) That's the kind of pervert I am. =) Let's do a sort of manual analysis, or who the h. knows what, call it whatever you like. Our choice fell on rf3c73.ru/indexi.php? Here it is, our little shellcode, ...
TOTAL PAGES IN THIS WEBSITE
5
XyliBox: Gimemo guys still use free service for stats
http://www.xylibox.com/2012/09/gimemo-guys-still-use-free-service-for.html
If you want to make enemies, try to change something. Monday, 3 September 2012. Gimemo guys still use free service for stats. Oh god, these guys still have no money to afford a coder? If you want have a look: http://s11.flagcounter.com/more/L8o. Posted by Steven K. 4 September 2012 at 13:02. Ransom.II (aka Madlerax.A ) www.botnets.fr/index.php/Ransom.II. http://www.xylibox.com/2012/08/winlock-affiliate.html :). 4 September 2012 at 14:11. 4 September 2012 at 19:26. 4 September 2012 at 20:56. PaySitesClub ...
XyliBox: Behind SpyEye... Gribodemon
http://www.xylibox.com/2012/03/behind-spyeye-gribodemon.html
If you want to make enemies, try to change something. Wednesday, 28 March 2012. Behind SpyEye. Gribodemon. Not a surprise, Gribodemon have not delivered (and will never deliver? A new SpyEye 1.3.50 update. Customers started to become rapidly annoyed of seeing no progress and bored of gribodemon excuses for the update delay. In parallel of the 1.3.x update, Gribodemon started to code the version 2 of SpyEye (bootkit, more injects, and some other items according to him). More recently things come to light:.
XyliBox: Black processing service for malware only
http://www.xylibox.com/2013/01/black-processing-service-for-malware.html
If you want to make enemies, try to change something. Friday, 18 January 2013. Black processing service for malware only. Good Internet day = ). I'm looking for a partner with working spyware or an owner of affiliate program. I have a working merchant for plastic cards, for high risk. (. Not for carding ). Some companies are registered; online-banking is included. I can give online (. Probably, access to online banking ). Payments just one time in a week (. One time in 4 business days ). The Wall of Shame.
XyliBox: Tiberium/Consuella USPS money laundering service
http://www.xylibox.com/2015/01/tiberiumconsuella-usps-money-laundering.html
If you want to make enemies, try to change something. Wednesday, 14 January 2015. Tiberium/Consuella USPS money laundering service. Consuella was a 'USPS drop service' run by one of the Lampeduza administrator. This type of service is used to help credit card thieves to "cash out" by sending carded labels service overseas (or not) via USPS. They was also constantly recruiting mules in United states to keep addresses in rotation. Here is what look like the service from an admin point of view:. Gimemo guys...
XyliBox: Alina 'sparks' source code review
http://www.xylibox.com/2015/01/alina-sparks-source-code-review.html
If you want to make enemies, try to change something. Thursday, 15 January 2015. Alina 'sparks' source code review. I got on my hands recently the source code of Alina "sparks", the main 'improvement' that everyone is talking about and make the price of this malware rise is the rootkit feature. Josh Grunzweig did already an interesting coverage. Of a sample, but what worth this new version? And commented out, replaced with two kernel32 hooks instead, like if the author cannot into hooks :D. Haven't looke...
XyliBox: weelsof use SSL C&C
http://www.xylibox.com/2012/09/weelsof-use-ssl-c.html
If you want to make enemies, try to change something. Monday, 3 September 2012. Weelsof use SSL C&C. Not a surprise but interesting. Admin (extasy.miriellographico.com/2/cp.php):. Posted by Steven K. Subscribe to: Post Comments (Atom). Friends / Blog List. The Wall of Shame. List of Malware Sources. If you have a question, malware submission or need help: xylitol☆temari.fr. View my complete profile. Contact: xylitol☆temari.fr. Reverse Deception: Organized Cyber Threat Counter-Exploitation. FakeAV GUI/Fak...
XyliBox: Sakura Exploit Pack 1.0
http://www.xylibox.com/2012/01/sakura-exploit-pack-10.html
If you want to make enemies, try to change something. Wednesday, 18 January 2012. Sakura Exploit Pack 1.0. Rate at 35.1%. The following urls was found:. Http:/ test1.moneyhome.biz/rhino.jar. Http:/ test1.moneyhome.biz/jino.jar. Http:/ test1.moneyhome.biz/load/. Http:/ test1.moneyhome.biz/manager/. Posted by Steven K. Labels: Sakura Exploit Pack 1.0. 18 January 2012 at 16:31. Good work) i know this pack. its new private russian pack. 18 January 2012 at 19:07. Where to find this? 6 January 2014 at 13:29.
XyliBox: Android/FakeToken.A
http://www.xylibox.com/2014/04/androidfaketokena.html
If you want to make enemies, try to change something. Sunday, 20 April 2014. OTP forwarder dumped months ago. Second panel, a bit different, look like a 'test' one. RSA Security talked also about it here. Posted by Steven K. 20 April 2014 at 20:59. This bot is evolving for a long time from small article on underground forum How to code Android bot and nowdays has many clones. We also wrote about it http://intelcrawler.com/news-12. I will provide you more details later :). 23 April 2014 at 17:00. Gimemo g...
XyliBox: Captain Barbarossa
http://www.xylibox.com/2015/01/captain-barbarossa.html
If you want to make enemies, try to change something. Tuesday, 13 January 2015. Captain Barbarossa, is used for Paypal phishing and sold as phishing kit, the kit include an admin panel. User is tricked with a fake Paypal login asking for details, here in German:. Once infos are transmitted the datas are sent to the panel. Posted by Steven K. 23 October 2015 at 13:54. Thank you for taking the time to publish this information very useful! Anti skid tapes supplier in india. 16 November 2015 at 07:29. SpyEye...
TOTAL LINKS TO THIS WEBSITE
21
Malworks.org
This domain may be for sale. Backorder this Domain. This Domain Name Has Expired - Renewal Instructions.
MALWORM
Journey to the center of malicious codes =-. Thursday, November 15, 2007. Microsoft November 2007 Monthly bulletins. Microsoft monthly bulletins was released . Patch this critical Holes. Vuln in Windows URI Handling Could Allow Remote Code Execution. Vulnerability in DNS Could Allow Spoofing. Wednesday, November 14, 2007. Cyber Security Awareness Month. 1 Establishing a User Awareness Training Program. 1 Penetrating the "This Does Not Apply To Me" Attitude. 3 Getting the Boss Involved. 20 Software Authen...
Malwr - Coming back soon!
Malwr is coming back soon! Stay tuned for our re-launch and follow updates by signing up to our newsletter:.
malwre.com - malwre Resources and Information.
This webpage was generated by the domain owner using Sedo Domain Parking. Disclaimer: Sedo maintains no relationship with third party advertisers. Reference to any specific service or trade mark is not controlled by Sedo nor does it constitute or imply its association, endorsement or recommendation.
Malware Reconstructor
What one has built, another can recreate. Thursday, 19 April 2012. Analysis of shellcode from Blackhole Exploit Kit. Suppose we have the task of quickly seeing what will be loaded from Blackhole exploit kit, and from where. Of course, one could use one of the virtual machines, wireshark (stick your favorite sniffer in here), but that's not interesting =) That's the kind of pervert I am. =) Let's do a sort of manual analysis, or who the h. knows what, call it whatever you like. Our choice fell on rf3c73.ru/indexi.php? Write about this in the blog.
malwrighome
Mal's Blog
A Blog to display some of my artwork. Mostly naval maritime stuff. Wednesday, March 16, 2011. My other Blog on food. My Blog on eating around in South Australia. http://eatingabout.blogspot.com/. Eating around in Adelaide SOUTH AUSTRALIA. Monday, December 20, 2010. A Journey to the end of the earth. This is the cover of my latest wargames book. It deals with wargaming the convoys to Russia during WW2. Saturday, December 18, 2010. Wednesday, December 8, 2010. Tuesday, December 7, 2010. Spanish civil war c...
malwrIntel - Advanced Malware Intelligence
We know targeted attacks and malicious code better. Malwrintel is dedicated to do research on computer malware and information security related to the field of intelligence. We alert, legal entities, and other organizations, the latest malware and cyber-crime activities. Want to join hands with us? Write an email to vincent[dot]smith[at]malwrintel[dot]com with subject "Partnership Request". Want to join malwrintel? Are you a security researcher determined to keep Internet safe?
Самоучка (Self-Taught)
DataLife Engine - Softnews Media Group. A site for those who find an ordinary home computer too simple and boring. Installing the Oracle VM VirtualBox virtualization platform. Installing Windows 7 in a VirtualBox virtual machine. Installing Windows 8 in a VirtualBox virtual machine. Installing Windows Server 2008 R2 with Service Pack 1 in VirtualBox. Configuring networking on the Oracle VM VirtualBox virtualization platform. Forefront Threat Management Gateway. Installing and configuring an IIS PHP MySQL web server on Windows 7. Install...
malwsky
Creating digital products you’ll love. For over 10 years I have been helping companies realize digital products. Whether for start-ups or big players, I develop visual concepts, functional prototypes, interaction and interface design. Digital Product Design / Fintech Product. Louis Motorrad - Fun Company. Consulting / UX Design. Product Design / Founder. Now and then I also support my favorite agencies with their client projects. Globetrotter (SHAKEN not STIRRED).