37 replies to this topic

[hicham]

http://www63.zippyshare.com/v/60818282/file.html

i hope to add this signatures
it's too dangers
i can't download it and upload because my isp too bad internet
but i help emsisoft what i can

[hicham]

[url="http://www20.zippyshare.com/v/72479754/file.html"]http://www20.zippyshare.com/v/72479754/file.html[/url]

this 3 simple too

[Arief Prabowo]

http://www63.zippyshare.com/v/60818282/file.html

i hope to add this signatures
it's too dangers
i can't download it and upload because my isp too bad internet
but i help emsisoft what i can

There's no undetected malware. All files has been detected by EAM.

Again, please follow our guidelines. No need to password protected archive!

[hicham]

i take it from bit defender forum
in virus total i see emsisoft don't detect it
at all all what i mean i need to help
thanks bro and good luck

[Arief Prabowo]

Yes we are very appreciate your help. But please read and follow our guidelines carefully.

[hicham]

https://www.virustot...26788/analysis/

password unrar = sa3eka

Attached Files

•  DEYANEMO_ViRuS_InC_.rar   104.27K   4 downloads

[hicham]

password unrar = sa3eka
good luck
this pass for new people may be they will download directly and their pc it will infected
because this kind of virus to danger

[Arief Prabowo]

Please read and follow our guidelines!

https://www.virustotal.com/file/f75e3f2c4bab1cb642ce5087f126d28c733260ec4a997c6a09bd160cde626788/analysis/

File is already detected. See this latest report:

https://www.virustotal.com/file/f75e3f2c4bab1cb642ce5087f126d28c733260ec4a997c6a09bd160cde626788/analysis/1341420373/

Your VT report is 2 days ago, you need to re-scan the file to make sure it's not detected by Emsisoft.

password unrar = sa3eka
good luck
this pass for new people may be they will download directly and their pc it will infected
because this kind of virus to danger

File is password protected!

Only experts member are able to download the file, so you don't need to worry about that.

[hicham]

happy to hear that bro i was tryiing emsisoft detect it may be i don't do the updates
at all there's a trojan downloader im waiting my friend he will send me it
i hope to help me how to Test this malwares and trojans in good places secure no afraid from infected ?
virtual box with shadow deffender 100 Secure ?

[hicham]

https://www.virustot...sis/1341579360/
malware
Detection ratio: 3 / 42

Attached Files

•  njRAT v0.3.0.rar   10.69K   2 downloads

[Arief Prabowo]

Thank you for your submission. A database update has already been issued and will be available via online update within the next minutes.

[hicham]

https://www.virustot...sis/1341584626/

16 / 42
malware.rar
MD5: dcb7a668bc23f2333007e3ee49e1b70b

Attached Files

•  malware.rar   288.5K   6 downloads

[hicham]

i stop my internet now it will be normal






using real player icon



lol using system memory






lol



lol he want injection with mozilla firefox



injection with firefox



lol



lol his place injection

C:\WINDOWS\InstallDir

[hicham]

there's a password in file so the file automatiquler from the paker it will unpack to system32 after 10 min from download
it's so danger file
we need Anti SFX password chifrax trojans

[hicham]

This too

[Arief Prabowo]

Thank you. The file will be checked.

[hicham]

the file is too danger
if it says password SFX unpacker Because this's the idea from the hacker to add a time to unpack automatiquler in your system32
and hack with hidden prossess
and getting a injection with svshost.exe and mozilla firefox.exe
good luck arief im sure u will get it

[hicham]

http://www.umplayer.com/download/
This player as virus virtumond
not detected By all anti viruses
i scan it with assempler i see much viruses and bad behavior on it

[Elise]

No malware was detected in the download you linked to.

Nevertheless, if you suspect a URL to download malicious files onto a computer, then please attach a text file containing the link so nobody can accidentally click it and get infected that way. Also, as explained here, please try to attach the actual file together with a Virustotal scan. These rules were already pointed out to you several times, so please try to follow them. If they are not clear to you somehow, then please let us know which part you don't understand so we can clarify it.

[hicham]

i scan the file of setup virus total says it's malware
go scan umplayer setup file and tell me what you see

[Elise]

This is the VT scan of the URL you linked to: https://www.virustot...sis/1341821329/
This is the VT scan of the downloaded file: https://www.virustot...sis/1341821250/

On top of that I analysed the installer and nothing malicious or undesirable was dropped/installed.

[hicham]

This file is Virtumonde virus!
This is Rogue.
#malware #drivebydownload
Posted 7 months, 2 weeks ago by anonymous
look in the comments in virus total
that anonymous he's from admins of virus total

always he says the truth

[hicham]

#4 Elise

ok at all thanks for help i love romania i have a friend from There
named alex

[hicham]

http://haizer-dz1.com/

A malware back track web site to hack cookies and steal them from cookies

i hope to see and add the suspious files on it in black list

We Trust you emsisoft

the Best

protect us

[Fabian Wosar]

Consider this a last warning, hicham. Either follow the guidelines of this forum or I will remove your access to this forum.

[hicham]

File: Yu42R5sC.exe
CRC-32: 5b19c1cf
MD4: 352507a47f9beb1424880005ad368d19
MD5: e0fdfa0fcc3ce9fd148ab7ebe9f372f3
SHA-1: faf7314321c8e000695407d1461ca8a3ee1cc257

https://www.virustot...cfe9f/analysis/

Zbot malware

Attached Files

•  Yu42R5sC.zip   269.75K   1 downloads

[Elise]

Thank you for your submission. I will look into it as soon as possible.

[hicham]

np my bro elise if you found it's malware tell me

[Elise]

Yes, its indeed zbot and has been added to the database, thank you!

[hicham]

Elise i will work in this Team soon i will try to submit all files which EAM don't detected them

Remember to help me to join this team
good luck bro

[hicham]

File: linun.exe
CRC-32: 3b4cac9b
MD4: 078b854463c5c332884f6d3b5623c36d
MD5: 6c1995fdd1e90fb013e6390cf68c3ef4
SHA-1: 588ea8bad35166cb1b13dadcfed2ff2833968d46

lol with Fake Digitale signature
that file need to use internet explorer to download more malwares
this kind (Zbot) yasterday i submit it and update for it
but i see the file created too in application data with another hash and md5
so please add this new version too
14/42

https://www.virustot...sis/1347360848/

Attached Files

•  linun.zip   269.74K   3 downloads

[Arief Prabowo]

Thanks, I will look into it.

[hicham]

lets tell me if the file take a update

[Arief Prabowo]

The file has been added to database since yesterday. You can scan the file to know whether the file already detected or not.

[hicham]

arief Prabowo The problem not add it to database because the file has a auto md5 Changer
i was upload it in virustotal and get emsisoft already detect and catch it
but after that i see in appdata the same file with fake digital signature and another md5
scan with The emsisoft not detected
i sent it yasterday and you add it
i hope it's detected at all no change again

[hicham]

Zeroday malware Trojan.(ZeroAccess)HT

File: malware.avi.exe
CRC-32: 1ac7f28a
MD4: 32b9bf964d6ab2f2dad448e48099177b
MD5: bbe20cd362b5b15ffc62fa9a8c1f9af9
SHA-1: 924ebcdea2fa9abba999bf78a1b88c519b4735c1

https://www.virustot...sis/1347460624/

Attached Files

•  malware.avi.exe.zip   146.31K   2 downloads

[hicham]

lol The same Zbot with another Md5 not detected
need to new Generation which detected the file if that change The informations

File: GjTagQc.exe
CRC-32: 8793f1be
MD4: 37d1a03c757ee560b82b20747991bc05
MD5: 29bf648581ce4e9d371701c487db22e5
SHA-1: b5380e132bbcfaf3c549aff3864d17ee6e6da6b5

https://www.virustot...sis/1347461878/

Attached Files

•  GjTagQc.zip   269.28K   3 downloads

[Arief Prabowo]

Thank you for your submission. A database update has already been issued and will be available via online update within the next minutes.