EvilZone

Hacking and Security => Hacking and Security => Topic started by: ThePH30N1X on June 16, 2014, 11:47:27 PM

Title: Malware I Got In An EMail Attachment
Post by: ThePH30N1X on June 16, 2014, 11:47:27 PM

I got some malware in an attachment with some fake email from amazon. Thought you guys might want to mess around with it for fun or whatever. Be careful with this shit, I'm not responsible if you get fucked. Also, Yahoo's shitty Norton attachment scan reported it as a "Trojan.Smoaler". I found this document with some information about it: http://www.symantec.com/security_response/writeup.jsp?docid=2011-100515-1838-99

EDIT: Also attached the message lol.

Title: Re: Malware I Got In An EMail Attachment
Post by: Nero on June 17, 2014, 02:43:10 AM

I find this handy for script kiddies. I have no use for it however.

Title: Re: Malware I Got In An EMail Attachment
Post by: iTpHo3NiX on June 17, 2014, 04:50:05 AM

It's a dropper with probably netcat or a metasploit backdoor

Title: Re: Malware I Got In An EMail Attachment
Post by: ThePH30N1X on June 17, 2014, 02:35:30 PM

Quote from: DeepCopy on June 17, 2014, 04:50:05 AM

It's a dropper with probably netcat or a metasploit backdoor

That's what I found. Probably going to try to do some static analysis when I have time.

Title: Re: Malware I Got In An EMail Attachment
Post by: InfosecFurry on June 17, 2014, 08:57:08 PM

IIRC metasploit shells all have the same assembly signature (unless you write your own). So, it should be easy to determine. Will examine later tonight.

Title: Re: Malware I Got In An EMail Attachment
Post by: $trik3r on June 17, 2014, 09:06:52 PM

have to be some script kiddies work ... lol!!! luckily we hacker's know how to deal with these types of threat 

Title: Re: Malware I Got In An EMail Attachment
Post by: AnarchyAngel on June 18, 2014, 02:06:23 AM

what was in the headers? i have found fun info in them from time to time with emails like this.