Author Topic: crazy malware author - 48 layers of obfuscation (Read 8222 times)

SysAdMini · October 08, 2008, 10:47:19 pm

http://www.cs.ucsb.edu/~marco/blog/2008/10/obfuscated-backdoor-or-joke.html

Tigger` · October 09, 2008, 12:01:37 am

They are always trying to make it harder to detect things.

Orac · October 09, 2008, 09:52:05 am

Thats just crazy, if your going to go that far at least use 48 layers of different obfuscation techinques, not the same one recycled. Yet another skiddie with way too much time on their hands !!

MysteryFCM · October 09, 2008, 07:39:20 pm

LOL! ...... ya gotta love these skiddies

julevine · October 09, 2008, 08:04:00 pm

if someone finds a sample Can you post a rar file with the code so i can study it

thanks

SysAdMini · October 09, 2008, 09:39:32 pm

Quote from: julevine on October 09, 2008, 08:04:00 pm

if someone finds a sample Can you post a rar file with the code so i can study it

thanks

I had contacted the author of the article (Marco Cova) and got a quick response.
Here is the sample. PW is "mdl".

Comment from Marco

Quote

I've attached the phishing kit that contains the sample. The code I was referring to on the blog is contained in the loginsubmit.php file. The file amen.php also looks similar.

Author Topic: crazy malware author - 48 layers of obfuscation (Read 8222 times)

SysAdMini

crazy malware author - 48 layers of obfuscation

Tigger`

Re: crazy malware author - 48 layers of obfuscation

Orac

Re: crazy malware author - 48 layers of obfuscation

MysteryFCM

Re: crazy malware author - 48 layers of obfuscation

julevine

Re: crazy malware author - 48 layers of obfuscation

SysAdMini

Re: crazy malware author - 48 layers of obfuscation