Submit Malware Here To Be Blacklisted 2024

EricCryptid · April 17, 2024, 9:04pm

CAMAS although used in the cloud analysis some, evolved into Valkyrie.

See: https://verdict.valkyrie.comodo.com/

For example the below:

New_Style_xd · April 17, 2024, 9:17pm

Thank you my friend for the update, I didn’t know.

Nik123 · April 17, 2024, 10:39pm

Camas/Xamas is Static Analysis,Dynamic Analysis and Precise Detectors

Nik123 · April 17, 2024, 10:56pm

@New_Style_xd You can upload any file to Cloud Verdict Customer Login | Xcitium Cloud Verdict
XAMAS(Xcitium Automated Malware Analysis System) will make a decision of the file if the file is good or bad if a machine learning alghoritm cannot identify if the file is good or bad its sent for human expert analysts which will return a verdict in less then 4 hours

New_Style_xd · April 17, 2024, 11:11pm

Very good, I will register on this page to send the files that I have that are suspicious.
1- I have a question, is everything that goes through the Xcitium threat database, the CIS database, updated?
2- Did Xcitium buy CIS?
Thanks!

Nik123 · April 17, 2024, 11:13pm

1:Yes it will go to CIS database
2:Yes Xcitium is formerly known as Comodo they rebranded 2022 if im correct

New_Style_xd · April 17, 2024, 11:25pm

Friend, could you answer this question I have in the link below?

Nik123 · April 17, 2024, 11:27pm

@ilgaz should give you more details on the version numbers

New_Style_xd · April 17, 2024, 11:30pm

I’m using CIS 2024 BETA at the moment

Nik123 · April 17, 2024, 11:31pm

for now CIS beta is really good and in final release it will be amazing

New_Style_xd · April 17, 2024, 11:32pm

In the link I sent the last question I asked, but no one answered, take a look there and see if you can answer the questions I asked about the CIS database

Nik123 · April 27, 2024, 9:41pm

SHA1: b528fc9a7053622bb1495a2d985dc72ef433417c

Some Suspicious Behaviours
Static Analysis:

Header Checksum is zero!
The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger
Dynamic Analysis:

Opens a file in a system directory
Has no visible windows

ipipirig · April 29, 2024, 6:03am

Hello,

Thank you for sharing this sample, we’ll check it.

Best regards

tachion · April 29, 2024, 6:44pm

Please take a look at this certificate as it appears to have been revoked.

VirusTotal - Plik - ec33d8ee9c3881b8fcea18f9f862d5926d994553aec1b65081d925afd3e8b028

hxxps[://]www[.]avastdefender[.]com/AnyDesk[.]exe
hxxps[://]www[.]avastdefender[.]com/anydesk[.]dmg

FlorinG · April 29, 2024, 7:01pm

Hello tachion,

Thank you for your submission, we’ll check this.

Best regards,
FlorinG

Nik123 · May 5, 2024, 2:01pm

SHA1: 997a45a3707dd6ac76765664503576d3f6a37cb3

Uploaded to Xcitium Instant Malware Analysis(XIMA) /Xcitium Automated Malware Analysis System(XAMAS)

Static Analysis:

Dynamic Analysis:

Please blacklist it Thanks

Nik123 · May 7, 2024, 12:09pm

Blacklisted
Thanks Staff
Best Regards Nik

Andrew44 · May 11, 2024, 4:30pm

This post was flagged by the community and is temporarily hidden.

Nik123 · May 12, 2024, 7:57pm

SHA1: 61817e25b0cfae37a3f289fc308e67146f874342

RANSOM!!!

Dynamic Analysis:

this ransom uses vssadmin to delete shadow copies please blacklist it immidiatly

FlorinG · May 13, 2024, 12:17pm

Hello @Nik123,

Thank you for sharing this, we’ll check it.

Best regards,
FlorinG