Malware Research

16 Oct 2024 19:01

Hi everyone, sample request, thank you in advance
https://www.virustotal.com/gui/file/3420c9d87724bf00e41e0303d5dd5cd60ee4339f7583d9964200c8f0bfe34ea5/summary

Malware Research

16 Oct 2024 12:18

Hello Enrik Loshi, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

14 Oct 2024 12:53

New FedBan
Fed: Libra's Empire
FedAdmin: ❤🦦
User: Smithy
User ID: 1382864004
Reason: 2FA bomber

Malware Research

14 Oct 2024 01:14

Hello @bolajibankole, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

13 Oct 2024 11:55

This is from event viewer is this referring to quasar malware ? Found nothing documenting this event

Malware Research

12 Oct 2024 10:29

According to DEF CON, Grinberg "refused to leave, demanding that our security team remove him," a request they were all too happy to oblige. "We complied with his wishes and escorted him off the stage, where he was free to continue attending the conference."

Malware Research

10 Oct 2024 11:19

New FedBan
Fed: Libra's Empire
FedAdmin: ❤🦦
User: Александр Мельников
User ID: 6307487989
Reason: upgrade to scam instead of spam

Malware Research

09 Oct 2024 18:17

Hey guy's "SmuggleSheild" stable version is out on Chrome web store do give a try and share your feedback. The extension aims to block basic HTML smuggling attacks.
https://x.com/RandomDhiraj/status/1844047688427586011

Malware Research

09 Oct 2024 15:24

https://www.404media.co/telegram-confirms-it-gave-u-s-user-data-to-the-cops/?s=09

Malware Research

09 Oct 2024 01:18

No, not the same. Rizin and Cutter diverged from Radare2 significantly at this point. The fork happened many years ago

Malware Research

08 Oct 2024 18:16

New FedBan
Fed: Libra's Empire
FedAdmin: ❤🦦
User: ALPHA115
User ID: 7547738073
Reason: illegal activity

Malware Research

07 Oct 2024 17:42

User Rashedul Islam has 1/3 warnings; be careful!
Reason:
no advertising

Malware Research

07 Oct 2024 04:48

Hello Noy, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

05 Oct 2024 12:13

I agree, but I've also seen malware which was done by people who actually understand what they're doing.

Malware Research

05 Oct 2024 09:15

lmao cause its mostly chinese apt's, outsourcing work to junior pentesters

Malware Research

16 Oct 2024 14:51

New FedBan
Fed: Libra's Empire
FedAdmin: ❤🦦
User: Devil
User ID: 7949041408
Reason: illegal activity

Malware Research

14 Oct 2024 13:03

FedBan Reason update
Fed: Libra's Empire
FedAdmin: ❤🦦
User: Smithy
User ID: 1382864004
Previous Reason: 2FA bomber
New Reason: phisher

Malware Research

14 Oct 2024 02:08

Thank you for your response, and this is from the system event log. I tried doing AV scans, checking autoruns found nothing, tried googling the event found nothing about «quasar » beside the rat

Malware Research

13 Oct 2024 20:04

Netwtw10 is the source? Application event log?

If yes, from Googling about Netwtw10, it's related to Intel wifi driver

Suggest that you troubleshoot from there (e.g. search for "quasar" on your system) and see if there are any hits

If you want to eliminate malware first, maybe head to https://malpedia.caad.fkie.fraunhofer.de/details/win.quasar_rat and read about the RAT's behaviour, find rules/signatures that may potentially detect it

Malware Research

12 Oct 2024 17:43

So yes he was to a extent

Malware Research

12 Oct 2024 06:51

was anyone at defcon this year? was the badge developer actually removed when he was protesting for non payment?

Malware Research

09 Oct 2024 23:14

New FedBan
Fed: Libra's Empire
FedAdmin: alex 27
User: Xghilsc bUP
User ID: 7208517432
Reason: skid

Malware Research

09 Oct 2024 17:29

Hello Laresh, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

09 Oct 2024 11:40

Hello Royal, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

08 Oct 2024 21:32

Is cutter/rizin != Radare2?

Malware Research

08 Oct 2024 17:38

Any one want cypher rat with 5$ only??100% reliable and we have not received any report

Malware Research

07 Oct 2024 09:38

Hello @khangkhang24, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

05 Oct 2024 12:36

Sure. Unfortunately, AFAIU there's no way to objectively identify LLM-generated code. I think I saw a paper on that last year or early '24. So, I can only make a hypothesis with the info I have, which I did. I could be wrong, no doubt.

Malware Research

05 Oct 2024 09:16

i hardly imagine some senior appsec, wasting his time writing simple implants

Malware Research

05 Oct 2024 09:08

In my experience, when I've looked at malware I don't see well-written code. Almost never, tbh. The code might be simple but it doesn't have certain characteristics.

But LLMs generate good code with good control flow, comments, variable names, etc. So, that's the connection. It's a hypothesis