Recent Posts

Pages: 1 ... 6 7 [8] 9 10
71
Malicious Domains / Trojan posing as a Youtube To MP3 converter
« Last post by Malvertiser on January 22, 2016, 05:16:24 pm »
The following URL will lead to the site hosting the malware

hxxp://youtube-to-mp3.com

72
is using a different obfuscation technique

On what ?

There is no content that would need to be obfuscated.

If you can not indicate what is or would need to be obfuscated then the conjecture is FUD.  In other words...
If one is to speculate that there may be a case of "a different obfuscation technique" then one must show show what the content is that would be the object of that obfuscation.

 
73
Hello,

There is a possibility that the person who created this file is using a different obfuscation technique which bypasses most of the anti virus softwares and is not detected by online file examining tools.

If these technique is added to the database of Virus Total then they will show this file as malicious.

Just a thought. :-)

Thanks,
Aditya
74
You uploaded this file, twice, early this AM in another location.  I subsequently examined it.

It's a PDF on JavaScript Concurrency.  It is not a malicious PDF nor even suspicious.

Virus Total Report
75
Hello,

Please check : hxxp://file.allitebooks.com/20160104/JavaScript%20Concurrency.pdf

Size: 1714620 bytes
MD5: 1a2348c186c8b5c8b4a07a08d70e4957
Sha1: 73565f3a46c44487c11ea701783e8c150b73ba27
Sha256: f86b701f25823b9be8916974b01c1e141d7d801e3fb96f416803e13ed4bb9104
ssdeep: 24576:95xT7fEtdDA4LcQBS8M7hP/SVTEMDfbZIogpWBK+Pkuys0792:9v8nDnYKS8MZKV3DfmoWWBRkO0p2
Type: PDF document, version 1.6.

Detection: Malware [12]

Summary:
632.0@491775: suspicious.obfuscation using charCodeAt
632.0@491775: suspicious.obfuscation using String.fromCharCode
831.0@710564: suspicious.obfuscation using eval

Used malwaretracker.com for analysis, not sure if they give trusted information. Manually checked the file, obj 2038 looks suspicious.

Thanks,
Aditya

76
phishing = hxxp://login.kasikornbankgroupkcyber.ru/K-Online/indexHome_th.jsp   



authenticity  =
hxxps://online.kasikornbankgroup.com/K-Online/login.jsp?lang=th&type=
77
Malicious Domains / Re: Paypal Phishing
« Last post by boneco69 on January 16, 2016, 06:57:16 am »
And another one...

hxxp://www.atheme-formation.fr/wp-includes/Pay-pal-assistance-ssl-H87967633488569786/

"Can list" server contents

hxxp://www.atheme-formation.fr/wp-includes/
78
Malicious Domains / Re: Paypal Phishing
« Last post by InfectedPacket on January 13, 2016, 02:54:51 pm »
Additional Paypal phishing:

http://inclusivediversity.co.uk/wp-content/upgrade/ Paypal Phishing (Redirect)
http://dashlinen.testing-domain-live.co.uk/Secure/paypal-CA/ Paypal Phishing
79
Malicious Domains / Re: soundclou.com - dangerous exploit installer/typosquatter
« Last post by dlipman on January 09, 2016, 04:33:18 pm »
You can upload it/them ( samples ) to http://www.uploadmalware.com  and mark the submission that it was based upon a request from MDL.

Obrigado.
80
Malicious Domains / Re: soundclou.com - dangerous exploit installer/typosquatter
« Last post by emmyslim on January 08, 2016, 01:44:02 pm »
hello thanks for your post please i want doc exploit spy and i also want need an exploits that i can use to convert my exe file to doc or pdf
Pages: 1 ... 6 7 [8] 9 10