Author Topic: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)  (Read 37938 times)

Offline yigido

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 5691
  • COMODO Rocks!
    • Free Comodo Products!
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #15 on: January 07, 2017, 05:07:28 AM »
e0a456b2453666b3dcc62489a3f1864a694910e0
COMODO Cloud Antivirus
Firefox Quantum
Encrypt the web! Use HTTPS Everywhere..
Block spying ads and invisible trackers! Use Privacy Badger..

Offline baskarm

  • First Response Group
  • Comodo Family Member
  • *****
  • Posts: 69
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #16 on: January 07, 2017, 05:16:30 AM »
Hi yigido,

Thank you for your submission.
We'll check them, and if found to be malware, detection will be added.

Regards,
Baskar M

Offline Vladimir.K

  • Newbie
  • *
  • Posts: 14
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #17 on: January 07, 2017, 12:06:49 PM »

Offline meldan

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 3245
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #18 on: January 07, 2017, 01:42:26 PM »
Hi,

Thank you for your submission.
We'll check them, and if found to be malware, detection will be added.

Kind Regards,
Erik M.

Offline pio

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 593
  • I like CIS , Kali Linux , IDA Pro & Fl Studio ;)
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #19 on: January 07, 2017, 05:27:03 PM »
Trojan.Kryptik

https://valkyrie.comodo.com/get_info?sha1=662188866d9d32daee5f4a119543c804db7c7516

Some suspicious Indicators: A Network Trojan was detected, Reads the cryptographic machine GUID, HTTP request contains Base64 encoded artifacts, Multiple malicious artifacts seen in the context of different hosts, Imports suspicious APIs, Opens the Kernel Security Device Driver (KsecDD) of Windows

Trojan.Win32.Inject

https://valkyrie.comodo.com/get_info?sha1=4220b6271ebbb7cf7ad598c5c8f6d01d158cb32b

Some suspicious Indicators: Queries kernel debugger information, Queries process information, PE file has unusual entropy sections, Imports suspicious APIs, Contains ability to register a top-level exception handler, Opens the Kernel Security Device Driver (KsecDD) of Windows

Ransom.Trojan.Cerber

https://valkyrie.comodo.com/get_info?sha1=586712b64964d9be1aef27f01e5aa7e545012e3f

Some suspicious Indicators: Injects code to another process, Creates a child process, Writes to address space of another process, Contacts 576 hosts, Multiple malicious artifacts seen in the context of different hosts, Opens the MountPointManager, Reads the cryptographic machine GUID

Ransom.Trojan.Cerber

https://valkyrie.comodo.com/get_info?sha1=fd5eba627ea6456c9951cb04033045f6f890d7e0

Some suspicious Indicators: The same as above

Trojan.Androm

https://valkyrie.comodo.com/get_info?sha1=ddc8f16b0ca5d84a92789f4a2ea1440cd3324ce2

Some suspicious Indicators: Installs hooks/patches the running process, Injects code to another process, Modifies Windows Service Keys, Reads the Windows product ID, Reads the cryptographic machine GUID, Creates guarded memory regions, Opens the Kernel Security Device Driver
« Last Edit: January 08, 2017, 09:27:24 PM by pio »
*** Paranoid Bastard since CIS 3.5 ! Independent - NON Profit Malware Analyst ***

Offline Chunli

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 2584
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #20 on: January 08, 2017, 12:09:29 AM »
Hi, pio

Thank you for your submission.
We'll check them, and if found to be malware, detection will be added.

Best regards
Chunli.chen


Offline meldan

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 3245
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #22 on: January 08, 2017, 10:03:59 AM »
Hi,

Thank you for your submission.
We'll check this.

Kind Regards,
Erik M.

Offline Wisdom

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1050
  • Default-Deny Protection
    • CFI
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #23 on: January 08, 2017, 04:00:39 PM »
Heuristics: detecting tomorrow’s threats today

Offline Chunli

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 2584
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #24 on: January 08, 2017, 11:52:12 PM »
Hi, Wisdom

Thank you for your submission.
We'll check them, and if found to be malware, detection will be added.

Best regards
Chunli.chen

Offline Wisdom

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1050
  • Default-Deny Protection
    • CFI
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #25 on: January 09, 2017, 09:59:14 AM »

Offline yigido

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 5691
  • COMODO Rocks!
    • Free Comodo Products!
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #26 on: January 09, 2017, 12:11:39 PM »
Submitted via CIS internal uploader
SHA-1 list


Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3557
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #27 on: January 09, 2017, 02:42:09 PM »
Hello guys,

Thank you for sharing these, we'll verify them.

Best regards,
FlorinG
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS or CIMA.

Offline Wisdom

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1050
  • Default-Deny Protection
    • CFI
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #28 on: January 10, 2017, 01:18:54 AM »

Offline baskarm

  • First Response Group
  • Comodo Family Member
  • *****
  • Posts: 69
Re: Submit Malware Here To Be Blacklisted - 2017 (NO LIVE MALWARE!)
« Reply #29 on: January 10, 2017, 01:23:10 AM »
Hi Wisdom,

Thank you for your submission.
We'll check them, and if found to be malware, detection will be added.

Regards,
Baskar M

 
